[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: basically security of linux

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Boyd Stephen Smith Jr. wrote:
> What about hardlinking the suid-root binaries to a hidden location, waiting 
> for a security hole to be found/fixed, and then running the old binary to 
> exploit the hole?  

IIRC, a hard link is the same file called two different names. If
dpkg/apt change the file in one location (security update), the other
one will be changed as well [1]...

You'd have to *copy* the hard linked file, but that would still not
allow you to copy it back later or to retain it's suid properties.

Am I missing something?

Johannes

[1] http://en.wikipedia.org/wiki/Hard_link
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklw0fkACgkQC1NzPRl9qEXaKACfX8VfBxpZsSH7Lf0HAGC9JL4b
298AoIAqW+BtPtRZ6wZvT37t4zujq3a0
=rOKy
-----END PGP SIGNATURE-----
Reply to: