Date: Fri, 18 Oct 1996 00:08:20 +0200 From: roberto@keltia.freenix.fr (Ollivier Robert) To: freebsd-hackers@freebsd.org Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c Message-ID: <199610172208.AAA22502@keltia.freenix.fr> In-Reply-To: <199610171900.MAA06276@lestat.nas.nasa.gov>; from Jason Thorpe on Oct 17, 1996 12:00:53 -0700 References: <199610171900.MAA06276@lestat.nas.nasa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
According to Jason Thorpe: > Given (c), if the program is run by root, and it drops a core file, > only root can read it. A side point: I was able to override a file with a symlink named ftpd.core on a 2.1.0 system... It means that the kernel silently followed the symlink and it is BAD. The "quote pasv" problem (and core) won't happen in 2.2-CURRENT because P_SUGID bit is set but one could probably make some root-owned program and overwrite any file. The code in kern_sig.c doesn't seem to follow symlinks but it did on 2.1.0. Can anyone more knowledgeable with the code confirm please ? FYI: Solaris up to 2.5.1 seems to follow them, pfff. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 2.2-CURRENT #25: Tue Oct 15 21:13:57 MET DST 1996
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610172208.AAA22502>