nosymfollow Re: SSH allows deletion of other users files...

From: Jan Grant (Jan.Grantat_private)
Date: Wed Jun 06 2001 - 01:51:10 PDT

Next message: Kris Kennaway: "Re: $HOME buffer overflow in SunOS 5.8 x86"

Previous message: e-changat_private: "HPUX / 800 models / Old-styled exploit for cue"
In reply to: zen-parseat_private: "SSH allows deletion of other users files..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 4 Jun 2001, zen-parse wrote:

>  [zen@clarity zen]$ rm -r /tmp/ssh-XXW9hNY9/; ln -s / /tmp/ssh-XXW9hNY9

For a long time now I've been mounting /tmp with the "nosymfollow"
option (FreeBSD) - nothing seems to be broken by this, apart from a
whole slew of these kinds of bugs :-)

Apologies for pointing out the obvious; this mount option seems really
useful.

jan (expecting a flood of "but it breaks this" mail now)

-- 
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287163 Fax +44 (0)117 9287112 RFC822 jan.grantat_private
YKYBPTMRogueW... you try to move diagonally in vi.

Next message: Kris Kennaway: "Re: $HOME buffer overflow in SunOS 5.8 x86"
Previous message: e-changat_private: "HPUX / 800 models / Old-styled exploit for cue"
In reply to: zen-parseat_private: "SSH allows deletion of other users files..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 08 2001 - 13:06:58 PDT