Date: Mon, 27 Mar 2000 15:29:16 -0700
From: Warner Losh <imp@village.org>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: hackers@FreeBSD.ORG, des@FreeBSD.ORG, pb@FreeBSD.ORG
Subject: Re: Linprocfs observation.
Message-ID: <200003272229.PAA00547@harmony.village.org>
In-Reply-To: Your message of "Mon, 27 Mar 2000 23:25:02 +0100." <200003272325.aa69356@salmon.maths.tcd.ie>
References: <200003272325.aa69356@salmon.maths.tcd.ie>
In message <200003272325.aa69356@salmon.maths.tcd.ie> David Malone writes:
: > File was removed because it was a huge, gaping security hole.  It was
: > effectively a hard link to the file in question and circumvented some of
: > the usual security protections that the file would otherwise be
: > protected by.
:
: I know - AFAIK I was the one who reported it ;-)

So many bugs.  It is hard to put a face on them at times :-)

: > : Linux itself is not subject to this problem because its exe file
: > : is a synthetic symlink pointing to the executable, not something
: > : which returns the executable's actual vnode.
: >
: > And that's why it is still in the tree.  A symbolic link doesn't have
: > the security issues that the hard link has.
:
: I think I wasn't clear. The real Linux code doesn't have this problem,
: but the code in /usr/src/sys/miscfs/linprocfs, which was committed to
: 4.0 and 5.0 two days ago does.

Ah.  That's a good point.

: Given that libc is using it for something, it is probably important
: to provide a working one in linprocfs, preferably without the
: security hole!

Agreed.  I'm happy with just making it a symlink.

Warner
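The difference the thread turns on, shown on an ordinary filesystem as an added example (not code from this message or from linprocfs): a hard link reaches the inode directly, so the permissions on the directories leading to the original name are never checked, while a symlink is re-resolved through that path on every open. The scratch paths under /tmp and the names compare_links and struct result are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Outcome of opening one file through a hard link and through a symlink
 * while the directory holding its original name denies all access. */
struct result { int hard_ok, hard_errno, sym_ok, sym_errno; };
static int try_open(const char *path, int *err) {
    int fd = open(path, O_RDONLY);
    *err = fd < 0 ? errno : 0;
    if (fd >= 0) close(fd);
    return fd >= 0;
}
/* Returns 0 when the comparison ran, -1 if the scratch setup failed. */
int compare_links(struct result *r) {
    char base[] = "/tmp/linkdemo.XXXXXX";      /* constructed scratch dir */
    char priv[64], file[80], hard[64], sym[64];
    int fd, rc = -1;
    if (!mkdtemp(base)) return -1;
    snprintf(priv, sizeof priv, "%s/private", base);
    snprintf(file, sizeof file, "%s/exe", priv);
    snprintf(hard, sizeof hard, "%s/hard", base);
    snprintf(sym, sizeof sym, "%s/sym", base);
    if (mkdir(priv, 0700) == 0 &&
        (fd = open(file, O_CREAT | O_WRONLY, 0644)) >= 0) {
        close(fd);
        if (link(file, hard) == 0 && symlink(file, sym) == 0 &&
            chmod(priv, 0000) == 0) {          /* private/ now blocks lookups */
            r->hard_ok = try_open(hard, &r->hard_errno); /* same inode, no walk */
            r->sym_ok = try_open(sym, &r->sym_errno);    /* walks private/ again */
            rc = 0;
        }
        chmod(priv, 0700);                     /* restore so cleanup works */
    }
    unlink(hard); unlink(sym); unlink(file); rmdir(priv); rmdir(base);
    return rc;
}

int main(void) {
    struct result r = {0};
    if (compare_links(&r) != 0) { perror("setup"); return 1; }
    printf("hard link: %s, symlink: %s\n", r.hard_ok ? "opened" : "denied",
           r.sym_ok ? "opened" : "denied");
    return 0;
}
```

Run as an unprivileged user, the hard link opens and the symlink fails with EACCES; root bypasses directory permission checks, so both open.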