Bug#225692: A common setuid symlink issue, and possible patch to the bug

To: Javier Fernández-Sanguino Peña <jfs@computer.org>
Cc: 225692@bugs.debian.org
Subject: Bug#225692: A common setuid symlink issue, and possible patch to the bug
From: Erno Kuusela <erno@iki.fi>
Date: Sun, 4 Jan 2004 05:58:08 +0200
Message-id: <[🔎] 20040104035808.GQ2410@erno.iki.fi>
Reply-to: Erno Kuusela <erno@iki.fi>, 225692@bugs.debian.org
In-reply-to: <20040103204106.GA20881@dat.etsit.upm.es>
References: <20040103204106.GA20881@dat.etsit.upm.es>

| Shouldn't it be better if the code used in removal.c was re-used in 

after turning my brain on i remember what my original point about
needing to use fchmod was... the usual way to upgrade binaries in unix
is to use link() or rename() to replace them atomically. there also you
can use fchmod to change the permissions of the old inode (which might
still other links). if you just chmod the setuid bit away before doing
the replacement, there's window of time where you have a nonfunctional
binary in place.

  -- erno

Reply to:

Follow-Ups:
- Bug#225692: A common setuid symlink issue, and possible patch to the bug
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Bug#225692: A common setuid symlink issue, and possible patch to the bug
Next by Date: Bug#225692: A common setuid symlink issue, and possible patch to the bug
Previous by thread: Bug#225692: A common setuid symlink issue, and possible patch to the bug
Next by thread: Bug#225692: A common setuid symlink issue, and possible patch to the bug
Index(es):
- Date
- Thread