Re: basically security of linux
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Boyd Stephen Smith Jr. wrote:
> What about hardlinking the suid-root binaries to a hidden location, waiting
> for a security hole to be found/fixed, and then running the old binary to
> exploit the hole?
IIRC, a hard link is the same file called two different names. If
dpkg/apt change the file in one location (security update), the other
one will be changed as well [1]...
You'd have to *copy* the hard linked file, but that would still not
allow you to copy it back later or to retain it's suid properties.
Am I missing something?
Johannes
[1] http://en.wikipedia.org/wiki/Hard_link
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAklw0fkACgkQC1NzPRl9qEXaKACfX8VfBxpZsSH7Lf0HAGC9JL4b
298AoIAqW+BtPtRZ6wZvT37t4zujq3a0
=rOKy
-----END PGP SIGNATURE-----
Reply to: