From: Brock Tellier <[EMAIL PROTECTED]>
> >This was my try to exploit myself. When I make the 'killall -8 xmonisdn' >my
> >xmonisdn dies only with an Floating exception but it doesn't dump a core.
> Good, it shouldn't. If you look at the original post, this person executed
> those commands as root, which, on his system, allowed him to make the suid
> xmonisdn dump core. xmonisdn won't dump core unless you are running it as
> root. This isn't a security hole unless it were to dump core in a world
> readable mode.
Or in a directory writable by others, in which case files could get trashed.
With O_NOFOLLOW in the core file open(), as it is in recent kernels, you
now require hard links rather than symbolic links to achieve this.
I've put O_EXCL in some of my kernels for this reason.
--
##############################################################
# Antonomasia [EMAIL PROTECTED] #
# See http://www.notatla.demon.co.uk/ #
##############################################################
