On 2008/01/19 19:46, bofh wrote: > On Jan 19, 2008 1:27 PM, Ted Unangst <[EMAIL PROTECTED]> wrote: > > > On 1/18/08, bofh <[EMAIL PROTECTED]> wrote: > > > I think he means sshd. And it really doesn't matter, once you make > > install, > > > you'll overwrite the vulnerable copy with the new one, and all the > > hardlinks > > > won't matter, because they'd be linked to the new file. > > > > except that they won't. the point of a hard link is it points to the > > file, not the name. it's not a symlink. > > > > I don't get what you're talking about. If you overwrite the file > (vulnerable sshd) with a new one, the file gets replaced. All the hardlinks > would point to the new file.
Depends how you overwrite it. Your method > $ echo apple > test > $ ln test test2 > $ echo orange > test2 > $ cat test > orange only works because you rewrite the contents of the file. Most methods that would be used to install new software would remove the directory entry and use a new inode. See for yourself, use ls -li and cp/mv/install.