On Tue, Mar 17, 2009 at 8:14 AM, Dmitri Nikulin <[email protected]> wrote: > Otherwise you could soft link > /bin/sh into your home directly, setuid the link, and own the machine.
Sorry, that was a terrible example, only root can setuid anyway. A better example is linking to /bin/sh and making your link writable, then using that to inject malicious code, which is just as good and would be possible with the semantics you described. -- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
