Hello. I forgot to mention another example.
This would be an unlikely situation, but assume /usr/bin/passwd (a program that has to be setuid root) and /bin/cat (a program that needn't be setuid root) are hardlinks of busybox. An administrator defines a profile for /usr/bin/passwd that allows read access to /etc/shadow to allow changing the password. A malicious user may pass "/usr/bin/passwd" as the filename, "cat" as argv[0] and "/etc/shadow" as argv[1]. The result will be printing the content of /etc/shadow instead of changing the password, while the process is controlled using the profile for /usr/bin/passwd.

Thanks.
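An added example, not part of the original message or of any security module's code: a hypothetical exec-time check that compares the basename of the exec filename (which selects the profile) with the basename of argv[0] (which selects the applet in a multi-call binary such as busybox). The function names and the sample requests are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Return the final path component; a multi-call binary picks its
 * applet from this part of argv[0]. */
static const char *base_name(const char *path)
{
    const char *slash = strrchr(path, '/');
    return slash ? slash + 1 : path;
}

/* Hypothetical policy check (an assumption, not a real LSM hook):
 * the profile is chosen by the exec filename, the applet by argv[0].
 * Permit the exec only when both name the same applet.
 * Returns 1 to allow, 0 to deny. */
int argv0_matches_filename(const char *filename, const char *argv0)
{
    if (!filename || !argv0 || !*argv0)
        return 0; /* missing or empty argv[0]: nothing to compare, deny */

    const char *f = base_name(filename);
    const char *a = base_name(argv0);

    if (!*f || !*a)
        return 0; /* a trailing slash leaves no applet name */
    return strcmp(f, a) == 0;
}

int main(void)
{
    /* Constructed sample exec requests: { filename, argv[0] } */
    static const char *const cases[][2] = {
        { "/usr/bin/passwd", "passwd" },
        { "/usr/bin/passwd", "/usr/bin/passwd" },
        { "/usr/bin/passwd", "cat" },  /* the mismatch described above */
        { "/bin/cat",        "cat" },
        { "/usr/bin/passwd", "" },
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-16s argv[0]=\"%s\" -> %s\n", cases[i][0], cases[i][1],
               argv0_matches_filename(cases[i][0], cases[i][1])
                   ? "allow" : "deny");
    return 0;
}
```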
