Louis Granboulan <louis.granboulan.secur...@gmail.com> wrote: > However, it is quite clear to me that the current behaviour is > inconsistent and is the reason of this security flaw. We see $ ls -l > /proc/self/fd/3 pretend that it is a symbolic link to a file that does not > exist, and $ ls -lL /proc/self/fd/3 show a setuid file. > >
Louis, the commands specified in the advisory were intended to help illustrate the problem, not be a replacement for any analysis. Your questions were anticipated, and answered in the Notes section. Next time I will put the Notes section at the top ;-) Tavis. -- ------------------------------------- tav...@cmpxchg8b.com | pgp encrypted mail preferred ------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/