Robert Thurlow wrote: > Mike Oliver wrote: > >> Is it true that any old user can create symlinks whose content will be >> interpreted as a reparse point? If so, what protections are in place to >> prevent arbitrary content in such a user-created symlink from tricking >> the system into doing something bad? Presumably the protection would be >> implemented in 'reparsed' or its plug-ins, which aren't described in >> this case, but perhaps you can comment on the general approach that will >> be used to defend against abuse of the service data in the symlink >> content. > > If you can write to the filesystem, you can create a symlink > to point to your own secret stash of trojan-enables binaries > via /net. In what way is this different? I know I always disable /net. Will this re-open an equivalent that I can't disable?
-Kyle > > Rob T > _______________________________________________ > opensolaris-arc mailing list > opensolaris-arc at opensolaris.org