[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/null misconfiguration on caballero?

On Mon, 2012-07-16 at 16:54 -0700, Ben Pfaff wrote:
> This implies that /dev/null isn't empty, because the "test-json"
> program was able to read at least 3 bytes from it.  That can easily
> happen in a chroot if someone forgets to "mknod /dev/null c 1 3" and
> later someone writes data to /dev/null as root.  Any chance this
> happened?

Something I have seen cause this problem in the past is build scripts
which run something like "gcc -o /dev/null test.c" as root.

GCC may have fixed this problem, but other programs may still do blind
unlink() calls before creating an output file.
Knowledge Is Power
Power Corrupts
Study Hard
Be Evil

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: