Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263810AbTKXRiE (ORCPT ); Mon, 24 Nov 2003 12:38:04 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263812AbTKXRiD (ORCPT ); Mon, 24 Nov 2003 12:38:03 -0500 Received: from ss1000.ms.mff.cuni.cz ([195.113.19.221]:29642 "EHLO ss1000.ms.mff.cuni.cz") by vger.kernel.org with ESMTP id S263810AbTKXRiC (ORCPT ); Mon, 24 Nov 2003 12:38:02 -0500 Date: Mon, 24 Nov 2003 18:37:57 +0100 From: Rudo Thomas To: "Richard B. Johnson" Cc: Jakob Lell , linux-kernel@vger.kernel.org Subject: Re: hard links create local DoS vulnerability and security problems Message-ID: <20031124183757.A2507@ss1000.ms.mff.cuni.cz> Mail-Followup-To: "Richard B. Johnson" , Jakob Lell , linux-kernel@vger.kernel.org References: <200311241736.23824.jlell@JakobLell.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from root@chaos.analogic.com on Mon, Nov 24, 2003 at 12:14:34PM -0500 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 416 Lines: 11 > A setuid binary created with a hard-link will only work as a setuid > binary if the directory it's in is owned by root. [...] This is not true, just verified it. Rudo. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/