On Wed, 27 Jun 2001, Wichert Akkerman wrote: >> Linux kernels with openwall patch (with restricted links in /tmp) are >> imunne to this type of attack (following symlinks does not work, link >> owner does not match with file's owner). > > If symlink don't work you can still use a hardlink though. Another thing you can do is creating a symlink pointing to non-existing file. You can create new boot script, configuration files like ld.so.preload or whatever you want. -- _____________________________________________________ Michal Zalewski [[EMAIL PROTECTED]] [security] [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};: =-=> Did you know that clones never use mirrors? <=-=
- smbd remote file creation vulnerability Michal Zalewski
- Re: smbd remote file creation vulnerability maniac
- Re: smbd remote file creation vulnerabi... Pavol Luptak
- Re: smbd remote file creation vulne... Tomek Lipski
- Re: smbd remote file creation vulne... Jarno Huuskonen
- Re: smbd remote file creation v... Pavol Luptak
- Re: smbd remote file creat... Simple Nomad
- Re: smbd remote file c... Olaf Kirch
- Re: smbd remote fi... Simple Nomad
- Re: smbd remote file creation vulne... Wichert Akkerman
- Re: smbd remote file creation v... Michal Zalewski
- Re: smbd remote file creation v... Phil Stracchino
- Re: smbd remote file creation v... Steve Beattie
- Re: smbd remote file creation vulne... Joachim Blaabjerg
- Re: smbd remote file creation v... Michal Zalewski
- Re: smbd remote file creation v... sarnold
- Re: smbd remote file creation vulnerability Fatal Connect
- Re: smbd remote file creation vulnerabi... Joseph Nicholas Yarbrough
- Re: smbd remote file creation vulnerability Christopher William Palow
- Re: smbd remote file creation vulnerabi... Dan Stromberg
- Re: smbd remote file creation vulnerabi... Daniel Jacobowitz
