Dear Salvatore,

> You are operating here outside of /tmp (sticky world-writable
> directory) which the above issue for the init scripts relies on,
> right?  fs.protected_(hardlinks|symlinks) is exactly a hardening for
> those issues:

I see: the kernel now treats things in /tmp (with sticky bit
permissions) differently from other places (without "weird"
permissions). Thanks for pointing this out for me!
(I never noticed this change...)

Then I agree that this issue is not exploitable in default Debian,
no need for DSA. (Sorry about the noise.)

Cheers, Paul

Paul Szabo
School of Mathematics and Statistics   University of Sydney    Australia

Reply via email to