Bugtraq archives for 3rd quarter (Jul-Aug) 1995: Re: Exploit for Linux wu.ftpd hole

Re: Exploit for Linux wu.ftpd hole

der Mouse (mouseCollatz.McRCIM.McGill.EDU)
Sun, 9 Jul 1995 06:31:39 -0400

>> When you move something on top of messages, messages is unlinked.
>> The file is still open, but no longer accessible through the
>> directory structure.
> Can this not be detected?

Yes (an fstat() will show st_nlink==0, I think).  First question,
though, is "does it need to be?".  One could argue syslogd should be
checking for this condition, but it's not entirely clear to me why.
It's syslogd's job to log things, not to try to detect and recover from
pilot error.  I'm also not prepared to dogmatically state that this
condition is always pilot error; I've been surprised too often by
someone (often myself) finding a good use for something that initially
looked like an administrator blundering.

> Obviously the write will fail, when this occurs

No, it won't - at least it sure better not.  An open file with no
filesystem links is perfectly legal and useful, and always has been;
there is no excuse at all for that alone to cause writes to fail.

                                        der Mouse

                            mousecollatz.mcrcim.mcgill.edu
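Added example, not part of the original message: a C check a logging daemon could run on its open log descriptor, exercised against the scenario discussed above (a file renamed on top of an open `messages`). The helper names, the temporary directory under `/tmp` and the file names are constructed for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if the open file has no directory entry left, 0 if linked, -1 on error. */
int fd_is_orphaned(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    return st.st_nlink == 0;
}

/* 1 if path still names the file behind fd (same device and inode), else 0. */
int fd_matches_path(int fd, const char *path)
{
    struct stat a, b;
    if (fstat(fd, &a) != 0 || stat(path, &b) != 0) return 0;
    return a.st_dev == b.st_dev && a.st_ino == b.st_ino;
}

/* Constructed scenario. Returned bits: 1 = orphaned before the rename,
 * 2 = orphaned after it, 4 = a 5-byte write after it succeeded,
 * 8 = the path still names the file behind fd. -1 on setup failure. */
int demo(void)
{
    char dir[64], log[96], other[96];
    int result = 0, fd, fd2;

    snprintf(dir, sizeof dir, "/tmp/nlinkdemo.%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0) return -1;
    snprintf(log, sizeof log, "%s/messages", dir);
    snprintf(other, sizeof other, "%s/other", dir);
    fd = open(log, O_WRONLY | O_CREAT | O_APPEND, 0600);
    fd2 = open(other, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || fd2 < 0) return -1;
    close(fd2);

    if (fd_is_orphaned(fd) == 1) result |= 1;
    if (rename(other, log) != 0) return -1;      /* move something on top */
    if (fd_is_orphaned(fd) == 1) result |= 2;
    if (write(fd, "entry", 5) == 5) result |= 4; /* write to unlinked file */
    if (fd_matches_path(fd, log)) result |= 8;

    close(fd); unlink(log); rmdir(dir);
    return result;
}

int main(void) { printf("result bits: %d\n", demo()); return 0; }
```

On NFS the client may keep a hidden link to a file that is still open, so `st_nlink` can stay at 1 there; the device and inode comparison still shows that the path now names a different file.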