Bug#3099: etc/cron.daily/standard security hole

To: maor@ece.utexas.edu (Guy Maor)
Cc: debian-bugs@pixar.com
Subject: Bug#3099: etc/cron.daily/standard security hole
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Date: Thu, 23 May 1996 21:59:23 +0200 (MET DST)
Message-id: <[🔎] 199605231959.VAA07518@i17linuxb.ists.pwr.wroc.pl>
Reply-to: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>, debian-bugs@pixar.com
In-reply-to: <Pine.SOL.3.91.960523141123.6773C-100000@brando.ece.utexas.edu> from "Guy Maor" at May 23, 96 02:14:37 pm

> Are you sure this will work even with "find ... -print0 | xargs -0 rm"?
> It's pretty obvious how to make it remove any file without those
> arguments, but I can't think of a way with.

Yes, I think it will still work.  The attack involves replacing pathname
components with symlinks between find and rm.

> Is there an archive of the linux-security mailing list somewhere where
> I could read the original message?

ftp://linux.nrao.edu/pub/linux/security/list-archive/linux-security/

I received a few requests to repost the message from linux-security
so I've just sent it to debian-bugs.

Marek

Reply to:

Prev by Date: Bug#3068: gzip package must not include compress link
Next by Date: Uploaded to chiark: new uutraf
Previous by thread: Re: fvwm2 and system.fvwmrc and an automatic "Programs" menu
Next by thread: Uploaded to chiark: new uutraf
Index(es):
- Date
- Thread