Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261626AbTKXXaq (ORCPT ); Mon, 24 Nov 2003 18:30:46 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261670AbTKXXaq (ORCPT ); Mon, 24 Nov 2003 18:30:46 -0500 Received: from sweetums.bluetronic.net ([24.199.150.42]:3463 "EHLO sweetums.bluetronic.net") by vger.kernel.org with ESMTP id S261626AbTKXXap (ORCPT ); Mon, 24 Nov 2003 18:30:45 -0500 Date: Mon, 24 Nov 2003 18:28:30 -0500 (EST) From: Ricky Beam To: Linus Torvalds cc: Andy Lutomirski , Subject: Re: hard links create local DoS vulnerability and security problems In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 640 Lines: 21 On Mon, 24 Nov 2003, Linus Torvalds wrote: >Just do > > chmod ug-s file > >and you're done. > >If you delete the file first, you'll need roots help, but hey, be careful. Heh, thus enters paranoia... patern fill the file (zero's will do), truncate, 'chmod 0', and *then* unlink it. Yeah, it's eating up an inode charged to the user, but otherwise, no space and the contents are gone. --Ricky - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/