Matthew R. Dempsky wrote:
One possibility is that between the first ls -l and the rm that joe
changed just-testing to a symlink to /etc. However, I think this attack
scenario relies too much on joe's ability to blindly predict when the
sysadmin is about to run rm.
We do not know if joe
Hello.
djb published the exam paper from the 2004 UNIX security hole course:
http://cr.yp.to/2004-494/1209.pdf
I've been going through it, for something to do, and am stuck on
question 7:
---
Problem 7.
The system administrator, after learning that the /home disk is full, finds and
removes a
On Sat, Jun 03, 2006 at 01:35:21PM +0100, mal content wrote:
% find /home -ls | sort -n +6 | tail -1 | awk '{print $11}'
/home/joe/just-testing/rc
% ls -l /home/joe/just-testing/rc
-rw-r--r-- 1 joe joe 41162685334 Dec 9 10:00 /home/joe/just-testing/rc
% rm /home/joe/just-testing/rc
% ls -l
3 matches
Mail list logo