Re: Symlinks and Cryogenic Sleep
Subject: Re: Symlinks and Cryogenic Sleep
From: Mark A. Heilpern (heilpern MINDSPRING.COM)
Date: Mon Jan 03 2000 - 16:34:45 CST
- In reply to: Olaf Kirch: "Symlinks and Cryogenic Sleep"
At 09:24 PM 1/3/00 +0100, you wrote:
[snip]
>When the application reaches the critical section of code between the
>lstat and the open, you stop it by sending it a SIGSTOP. You record
>the device and inode number of your /tmp file, remove it, and wait.
>
>Seconds, days or maybe even weeks later, somebody creates an interesting
>file with exactly the same inode (and device) number as the one you
>used with my setuid program. You now create a symlink in /tmp, pointing
>to that interesting file, and send my setuid application a SIGCONT.
>Zap, there goes the file.
[snip]
>Comments? Suggestions?
Maybe I'm just naive, but it's my understanding that you cannot send signals
to a process you don't own unless you are root.
On my Linux 2.2.13 system, I just tried sending SIGSTOP to a root-owned
and nobody-owned process, and each time was told I was not the process owner.
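A defensive pattern for the lstat-then-open window quoted in the message above, as an added example that is not part of the original post or thread: open first with O_NOFOLLOW and validate the descriptor with fstat, so no decision is ever made on the name. The function names, the temporary paths and the st_nlink check are assumptions of this example, and the ELOOP result is the Linux behaviour.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open an existing regular file, refusing a symlink as
 * the final path component. Every check runs on the descriptor, so there is
 * no window between a check on the name and the open.
 * Returns the fd, or -1 with errno set. */
int open_regular_nofollow(const char *path, int flags)
{
    struct stat st;
    /* O_NONBLOCK: do not hang if the name turns out to be a FIFO. */
    int fd = open(path, flags | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;                  /* ELOOP on Linux if path is a symlink */
    if (fstat(fd, &st) < 0) {
        int e = errno; close(fd); errno = e;
        return -1;
    }
    if (!S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);                  /* directory, device, FIFO or hard-linked */
        errno = EINVAL;
        return -1;
    }
    return fd;
}

/* Constructed demo: a real file and a symlink to it in a private temp dir.
 * Returns 0 when the file opens and the symlink is refused with ELOOP. */
int demo(void)
{
    char dir[] = "/tmp/nofollow-XXXXXX", file[64], lnk[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/data", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    int fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || close(fd) < 0 || symlink(file, lnk) < 0) return -1;
    int ok = open_regular_nofollow(file, O_WRONLY);
    int bad = open_regular_nofollow(lnk, O_WRONLY);
    int bad_errno = errno;
    if (ok >= 0) close(ok);
    if (bad >= 0) close(bad);
    unlink(lnk); unlink(file); rmdir(dir);
    return (ok >= 0 && bad < 0 && bad_errno == ELOOP) ? 0 : 1;
}

int main(void) { return demo(); }
```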
This archive was generated by hypermail 2b27 : Tue Jan 04 2000 - 13:18:53 CST