Date: Thu, 13 Jun 2002 11:37:42 -0500
From: Dan Nelson <dnelson@allantgroup.com>
To: void <float@firedrake.org>
Cc: hackers@FreeBSD.ORG
Subject: Re: security bug in /etc/rc in -STABLE?
Message-ID: <20020613163742.GB37481@dan.emsphone.com>
In-Reply-To: <20020613161739.GA25926@parhelion.firedrake.org>
References: <20020613161739.GA25926@parhelion.firedrake.org>
In the last episode (Jun 13), void said:
> I cvsupped -STABLE yesterday, and I was just running mergemaster when I
> saw:
>
> # Remove X lock files, since they will prevent you from restarting X11
> # after a system crash.
> #
> -rm -f /tmp/.X*-lock /tmp/.X11-unix/*
> +rm -f /tmp/.X*-lock
> +rm -fr /tmp/.X11-unix
>
> Aren't both the old and new versions vulnerable to symlink attacks?

From the manpage:

     The rm utility removes symbolic links, not the files referenced by the
     links.

If rm -rf is passed the name of a symlink to a directory, only the symlink
is removed. The old version was vulnerable to someone symlinking .X11-unix
to, say, /etc.

--
	Dan Nelson
	dnelson@allantgroup.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
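Review bot: the comment block above the changed lines still only says "Remove X lock files", while `+rm -fr /tmp/.X11-unix` now removes the whole socket directory rather than emptying it, and does so precisely because rm unlinks a planted symlink instead of following it; the comment should state that reason, and should note that the script now depends on /tmp/.X11-unix being recreated (with appropriate permissions) by whatever starts the X server, since nothing in this hunk recreates it. The `+rm -f /tmp/.X*-lock` line is fine as written: it names files directly in /tmp, and per rm(1) a symlink matched there is removed as a link, not followed.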
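The difference Dan describes can be checked without touching the real /tmp. The script below is an added example, not code from the thread or from the FreeBSD rc script: it builds a scratch layout under mktemp(1) that mirrors a /tmp/.X11-unix entry replaced by a symlink, runs the old and the new rc line against it, and reports whether the link target survived. It also shows the pre-check an rc script can make before cleaning a world-writable path. All directory names and the `keep` file are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original message or /etc/rc). Exercises the
# two rc variants quoted in the thread against a scratch layout built under
# mktemp, so nothing under the real /tmp is touched.

# Layout (all constructed):
#   $sandbox/target/keep          stands in for a directory the admin cares about
#   $sandbox/tmp/.X11-unix        a symlink to $sandbox/target, planted where
#                                 the rc script expects a real directory
setup_layout() {
    sandbox=$(mktemp -d) || return 1
    mkdir -p "$sandbox/target" "$sandbox/tmp" || return 1
    : > "$sandbox/target/keep"
    ln -s "$sandbox/target" "$sandbox/tmp/.X11-unix" || return 1
    printf '%s\n' "$sandbox"
}

# Old rc line: rm -f /tmp/.X11-unix/*
# The shell expands the glob by following the symlink, so every name handed
# to rm lives inside target/. Returns 0 if target/keep survived, 1 if not.
old_variant_preserves_target() {
    sb=$(setup_layout) || return 2
    rm -f "$sb"/tmp/.X11-unix/*
    status=1
    [ -e "$sb/target/keep" ] && status=0
    rm -rf "$sb"
    return $status
}

# New rc line: rm -fr /tmp/.X11-unix
# rm(1) removes the symlink itself and never descends into what it points to.
# Returns 0 if target/keep survived and the link is gone, 1 otherwise.
new_variant_preserves_target() {
    sb=$(setup_layout) || return 2
    rm -fr "$sb/tmp/.X11-unix"
    status=1
    [ -e "$sb/target/keep" ] && [ ! -e "$sb/tmp/.X11-unix" ] && status=0
    rm -rf "$sb"
    return $status
}

# Defensive pre-check for an rc script: only proceed if PATH is absent or is
# a real directory, never if it is a symlink (or some other file type).
#   refuse_symlink PATH   -> exit status 0 = safe to clean, 1 = refuse
refuse_symlink() {
    [ ! -L "$1" ] && { [ ! -e "$1" ] || [ -d "$1" ]; }
}
```

Run it with `. ./x11-cleanup-check.sh` (hypothetical file name) and call the three functions; `old_variant_preserves_target` fails and `new_variant_preserves_target` succeeds, which is exactly the behaviour the rm(1) excerpt above predicts. The `refuse_symlink` test uses `-L` before `-d` because `-d` follows symlinks and would report a link to a directory as a directory.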
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020613163742.GB37481>