Gentoo's Bugzilla – Attachment 50666 Details for Bug 81165: description of hardlinks and their importance in security
[patch] hardlinks patch
secguide.diff (text/plain), 2.39 KB, created by Tavis Ormandy (RETIRED) on 2005-02-07 13:42:35 UTC
Flags: patch, obsolete
>--- gentoo-security.xml~ 2005-02-07 21:36:41.118007720 +0000 >+++ gentoo-security.xml 2005-02-07 21:36:30.509620440 +0000 
>@@ -1224,7 +1224,61 @@ > But if you are running X, you might have some more, since X needs the elevated > access afforded by SUID. > </p> >+</body> >+</section> >+<section> >+<title>SUID/SGID binaries and Hardlinks</title> >+<body> >+<p> >+A file is only considered deleted when there are no more links pointing to it. This >+might sound like a strange concept, but consider that a filename like <c>/usr/bin/perl</c> >+is actually a link to the inode where the data is stored. Any number of links can point >+to the file, and until all of them are gone, the file still exists. >+</p> >+ >+<p> >+If your users have access to a partition that isn't mounted with <c>nosuid</c> >+or <c>noexec</c> (for example, if <c>/tmp</c>, <c>/home</c>, or <c>/var/tmp</c> are >+not seperate partitions) you should take care to ensure your users dont create hardlinks to >+suid or sgid binaries, so that after portage updates they still have access to the old >+versions. >+</p> >+ >+<warn> >+if you have received a warning from portage about remaining hardlinks, and your users can >+write to a partition that allows executing suid/sgid files, you should read this section carefully. >+One of your users may be attempting to circumvent your update by keeping an outdated version >+of a program. If your users cannot create their own suid files, or can only execute programs using >+the dynamic loader (partitions mounted <c>noexec</c>), you do not have to worry. >+</warn> > >+<note> >+users do not read access to a file to create a link to it, they only need read permission to >+the directory that contains it. >+</note> >+ >+<p> >+To check how many links a file has, you can use the stat command. 
>+<p> >+ >+<pre caption="stat command"> >+$ stat /bin/su >+ File: `/bin/su' >+ Size: 29350 Blocks: 64 IO Block: 131072 regular file >+Device: 900h/2304d Inode: 2057419 Links: 1 >+Access: (4711/-rws--x--x) Uid: ( 0/ root) Gid: ( 0/ root) >+Access: 2005-02-07 01:59:35.000000000 +0000 >+Modify: 2004-11-04 01:46:17.000000000 +0000 >+Change: 2004-11-04 01:46:17.000000000 +0000 >+</pre> >+ >+<p> >+To find find the suid and sgid files with multiple links, you can use find. >+</p> >+ >+<pre caption="finding multiply linked suid/sgid binaries"> >+$ find / -type f \( -perm -004000 -o -perm -002000 \) -links +1 -ls >+</pre> > </body> > </section> > </chapter>
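Review bot: the paragraph that introduces the stat output is never closed: `>+To check how many links a file has, you can use the stat command.` is followed by `>+<p>` where `</p>` is needed, so the GuideXML is no longer well-formed and the guide build will reject the document; change that second `<p>` to `</p>`. The `<note>` also drops a word and states the permission rule incorrectly: `users do not read access to a file to create a link to it` should read "users do not need read access to a file to create a link to it", and what link(2) actually requires is search permission along the path to the existing file plus write and search permission on the directory where the new link is created, not read permission on the directory containing the target; please reword so admins check the right thing (which directories users can write to on suid-capable filesystems). Minor text fixes in the same hunk: "seperate" should be "separate", "dont" should be "don't", "To find find the suid" has a doubled word, and the sentences inside `<warn>` and `<note>` start in lower case. For the find example, consider adding `-xdev` to the `find /` invocation (or listing the writable, suid-capable mount points explicitly) so the scan does not descend into /proc or network mounts; every path it prints has at least one extra link and should be compared against the package's current binary.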