Re: install.c: please set unlink_dest_before_opening=false
From: Robert Millan [ackstorm]
Subject: Re: install.c: please set unlink_dest_before_opening=false
Date: Mon, 26 Feb 2007 10:12:13 +0100
User-agent: Mutt/1.5.13 (2006-08-11)

On Sun, Feb 25, 2007 at 08:54:38AM -0800, Paul Eggert wrote:
> "James Youngman" <address@hidden> writes:
>
> > * The hacker now has access to a setuid binary which he knows has a
> > security problem. A websearch will probably reveal an exploit.
>
> Hackers don't need to inspect hard links to do that. They can simply
> compute the checksums of the standard executables, or even just look
> at their time stamps. So this argument is a weak one.

I think his point is that the cracker managed to keep a setuid link to her
target binary in the system despite the fact that the administrator had
attempted to replace it.

--
Robert Millan
ACK STORM, S.L. - http://www.ackstorm.es/
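
Added example (not part of the original message and not code from install.c): a small C program showing why a pre-existing hard link keeps the old inode, with its mode bits, when a file is replaced by unlinking and re-creating it, but follows the new contents when the file is overwritten in place. The temp directory, file names and function names are constructed for the demo, and treating "unlink first" as what the option in the subject line controls is an assumption.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write `data` to `path`; die on error (demo helper, hypothetical name). */
static void put(const char *path, int flags, const char *data) {
    int fd = open(path, O_WRONLY | flags, 0755);
    if (fd < 0 || write(fd, data, strlen(data)) < 0) { perror(path); exit(1); }
    close(fd);
}

/* Replace "prog" while a second hard link "kept" exists (constructed names).
   Returns 1 if "kept" still names the OLD inode and OLD bytes afterwards. */
int stale_link_survives(int unlink_first) {
    char dir[] = "/tmp/hlinkXXXXXX", dest[64], kept[64], buf[4] = {0};
    struct stat sd, sk;
    if (!mkdtemp(dir)) { perror("mkdtemp"); exit(1); }
    snprintf(dest, sizeof dest, "%s/prog", dir);
    snprintf(kept, sizeof kept, "%s/kept", dir);
    put(dest, O_CREAT | O_EXCL, "old");
    if (link(dest, kept) != 0) { perror("link"); exit(1); }
    if (unlink_first) {            /* remove the name, create a new inode */
        unlink(dest);
        put(dest, O_CREAT | O_EXCL, "new");
    } else {                       /* truncate and rewrite the same inode */
        put(dest, O_TRUNC, "new");
    }
    int fd = open(kept, O_RDONLY);
    if (fd < 0 || read(fd, buf, 3) != 3 || stat(dest, &sd) || stat(kept, &sk)) { perror("check"); exit(1); }
    close(fd);
    int stale = sd.st_ino != sk.st_ino && strcmp(buf, "old") == 0;
    unlink(dest); unlink(kept); rmdir(dir);
    return stale;
}

/* Audit predicate: set-id regular file reachable under more than one name. */
int is_multiply_linked_setid(const struct stat *st) {
    return S_ISREG(st->st_mode) && (st->st_mode & (S_ISUID | S_ISGID)) && st->st_nlink > 1;
}

int main(void) {
    printf("unlink then create: stale link survives = %d\n", stale_link_survives(1));
    printf("overwrite in place: stale link survives = %d\n", stale_link_survives(0));
    return 0;
}
```

The predicate at the end is the check an administrator can apply to stat() results before replacing a set-id binary: a link count above 1 means another name will keep the old file alive after an unlink-based replacement.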