Along similar lines, I've discovered (through bad code) that certain NFS implementations will allow you to create files with a / in their names. Obviously, it's pretty difficult to get rid of these files after the fact. As far as I've been able to tell, all UNIX system calls parse paths, and will always treat a path like "a/b" as the file "b" in the directory "a", rather than the file "a/b" in the current directory. Not even rm -r on the directory could clean this up. The only way I've found to get rid of these files is by using the same NFS client code that was used to create them (whew!). Note that this code has to be "buggy" in the sense that it doesn't correctly parse paths. Yes, I did make a mistake. Erp! This could be used to create a pretty nasty DoS, if an attacker has write access to your NFS filesystem (this is more common than you might think). I wonder what would happen if I created a file called "/etc/passwd" in the current directory... probably nothing. But who knows? -- Jefferson Ogata <jogataat_private> National Oceanographic Data Center You can't step into the same river twice. -- Herakleitos
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:48:29 PDT