On Jan 19, 2008 1:27 PM, Ted Unangst <[EMAIL PROTECTED]> wrote: > On 1/18/08, bofh <[EMAIL PROTECTED]> wrote: > > I think he means sshd. And it really doesn't matter, once you make > install, > > you'll overwrite the vulnerable copy with the new one, and all the > hardlinks > > won't matter, because they'd be linked to the new file. > > except that they won't. the point of a hard link is it points to the > file, not the name. it's not a symlink. >
I don't get what you're talking about. If you overwrite the file (vulnerable sshd) with a new one, the file gets replaced. All the hardlinks would point to the new file. $ uname -a OpenBSD urd.spidernet.to 4.1 GENERIC#0 i386 $ echo apple > test $ ln test test2 $ ls -l test* -rw-r--r-- 2 tai wheel 6 Jan 19 19:43 test -rw-r--r-- 2 tai wheel 6 Jan 19 19:43 test2 $ cat test test2 apple apple $ echo orange > test2 $ cat test orange $ -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related