To: linux-kernel@vger.kernel.org
Path: gatekeeper.tmr.com!davidsen
From: davidsen@tmr.com (bill davidsen)
Newsgroups: mail.linux-kernel
Subject: Re: hard links create local DoS vulnerability and security problems
Date: 25 Nov 2003 00:04:07 GMT
Organization: TMR Associates, Schenectady NY
Message-ID: <bpu69n$a3$1@gatekeeper.tmr.com>
References: <200311241736.23824.jlell@JakobLell.de> <200311241857.41324.jlell@JakobLell.de> <200311241921.50001.mbuesch@freenet.de> <20031124105321.A16684@osdlab.pdx.osdl.net>
Originator: davidsen@gatekeeper.tmr.com
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1077
Lines: 18

In article <20031124105321.A16684@osdlab.pdx.osdl.net>,
Chris Wright  <chrisw@osdl.org> wrote:
| * Michael Buesch (mbuesch@freenet.de) wrote:
| > What about _not_ modifying the mainstream-kernel behaviour,
| > but adding an option, to make users unable to create such hard-links,
| > to selinux and/or grsec?
| 
| It's already in grsec and owl.  SELinux has the ability to control this
| behaviour, just requires the right policy.

Bah!! I just spent 20 minutes deciding that I could add an attribute to
a file which prevented hard links, and similar to a directory. OTOH you
saved me the work of doing more than a few lines on paper, and it's
reassuring to know the security patches are ahead of the problem.
-- 
bill davidsen <davidsen@tmr.com>
  CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/