[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: basically security of linux

On Friday 2009 January 16 12:29:13 Johannes Wiedersich wrote:
>Boyd Stephen Smith Jr. wrote:
>> What about hardlinking the suid-root binaries to a hidden location,
>> waiting for a security hole to be found/fixed, and then running the old
>> binary to exploit the hole?
>IIRC, a hard link is the same file called two different names. If
>dpkg/apt change the file in one location (security update), the other
>one will be changed as well [1]...

True enough.  However, if you unlink the old version before writing the new 
version, you have a problem.  IIRC, GNU cp and GNU mv does the unlink/link 
rather than opening the destination with O_CREAT|O_TRUNC|O_WRITE.
Boyd Stephen Smith Jr.                     ,= ,-_-. =. 
bss@iguanasuicide.net                     ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy           `-'(. .)`-' 
http://iguanasuicide.net/                      \_/     

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: