hard links create local DoS vulnerability and security problems
From: Jakob Lell (jlell_at_JakobLell.de)
Date: 11/24/03
- Previous message: John Cherry: "Re: Linux 2.6.0-test10 (compile stats)"
- Next in thread: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Richard B. Johnson: "Re: hard links create local DoS vulnerability and security problems"
- Maybe reply: Richard B. Johnson: "Re: hard links create local DoS vulnerability and security problems"
- Maybe reply: Andy Lutomirski: "Re: hard links create local DoS vulnerability and security problems"
- Reply: bill davidsen: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Gianni Tedesco: "Re: hard links create local DoS vulnerability and security problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: linux-kernel@vger.kernel.org Date: Mon, 24 Nov 2003 17:36:23 +0100
Hello,
on Linux it is possible for any user to create a hard link to a file belonging
to another user. This hard link continues to exist even if the original file
is removed by the owner. However, as the link still belongs to the original
owner, it is still counted to his quota. If a malicious user creates hard
links for every temp file created by another user, this can make the victim
run out of quota (or even fill up the hard disk). This makes a local DoS
attack possible.
Furthermore, users can even create links to a setuid binary. If there is a
security whole like a buffer overflow in any setuid binary, a cracker can
create a hard link to this file in his home directory. This link still exists
when the administrator has fixed the security whole by removing or replacing
the insecure program. This makes it possible for a cracker to keep a security
whole open until an exploit is available. It is even possible to create links
to every setuid program on the system. This doesn't create new security
wholes but makes it more likely that they are exploited.
To solve the problem, the kernel shouldn't allow users to create hard links to
files belonging to someone else.
I could reproduce the problem on linux 2.2.19 and 2.4.21 (and found nothing
about it in the changelogs to 2.4.23-rc3).
Regards
Jakob
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Previous message: John Cherry: "Re: Linux 2.6.0-test10 (compile stats)"
- Next in thread: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Måns Rullgård: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Richard B. Johnson: "Re: hard links create local DoS vulnerability and security problems"
- Maybe reply: Richard B. Johnson: "Re: hard links create local DoS vulnerability and security problems"
- Maybe reply: Andy Lutomirski: "Re: hard links create local DoS vulnerability and security problems"
- Reply: bill davidsen: "Re: hard links create local DoS vulnerability and security problems"
- Reply: Gianni Tedesco: "Re: hard links create local DoS vulnerability and security problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
