BUG: simple attack when control channel muxing is used (was: Re: ControlMaster question)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Nov 11 08:19:31 EST 2014
On Mon 2014-11-10 08:41:02 -1000, Christoph Anton Mitterer wrote:
> A normal user cannot create hardlinks on files owned by other users,
> right?
This depends on your kernel.
Some recent Linux kernels prohibit this kind of behavior, but many older
Linux kernels (and i'm sure some non-Linux kernels) freely allow the
creation of hardlinks to files not owned by the linking user.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20141110/d3273c7c/attachment.bin>
More information about the openssh-unix-dev
mailing list