Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263812AbTKXT0v (ORCPT ); Mon, 24 Nov 2003 14:26:51 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263821AbTKXT0v (ORCPT ); Mon, 24 Nov 2003 14:26:51 -0500 Received: from bab72-140.optonline.net ([167.206.72.140]:59242 "EHLO shookay.newview.com") by vger.kernel.org with ESMTP id S263812AbTKXT0s (ORCPT ); Mon, 24 Nov 2003 14:26:48 -0500 To: Valdis.Kletnieks@vt.edu Cc: splite@purdue.edu, root@chaos.analogic.com, linux-kernel@vger.kernel.org Subject: Re: hard links create local DoS vulnerability and security proble References: <200311241829.hAOITdKL014364@turing-police.cc.vt.edu> X-Face: %JOeya=Dg!}[/#Go&*&cQ+)){p1c8}u\Fg2Q3&)kothIq|JnWoVzJtCFo~4X Date: 24 Nov 2003 14:25:31 -0500 In-Reply-To: <200311241829.hAOITdKL014364@turing-police.cc.vt.edu> Message-ID: User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 769 Lines: 19 Valdis.Kletnieks@vt.edu writes: > mkdir ~/bin > chmod 700 ~/bin > cat > ~/bin/show-me > #!/bin/sh > whoami > ^D > chmod 4755 ~/bin/show-me > > No separate partitions needed. It's always been my understanding that you cannot have suid shell script because you could easily change the IFS. Am i wrong? ( -- Mathieu Chouquet-Stringer E-Mail : mathieu@newview.com Never attribute to malice that which can be adequately explained by stupidity. -- Hanlon's Razor -- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/