Re: hardlinks to setuid binaries

To: Jan Schaumann <jschauma%netmeister.org@localhost>
Subject: Re: hardlinks to setuid binaries
From: Taylor R Campbell <campbell+netbsd-tech-security%mumble.net@localhost>
Date: Sat, 26 Mar 2022 11:19:22 +0000

Here's some conditions we could apply to making hard links:

1. [zfs] Caller must own file.

2. [linux with protected_hardlinks] Either:
   (a) Caller must own file.
   (b) File must be regular and non-suid/sgid, and caller must have
       read&write access.

3. [least restrictive I could think of to prevent this attack] Either:
   (a) If suid, caller must own file.
   (b) If sgid, caller must be in group.

If we apply conditions, I think we should apply them uniformly across
file systems.

Follow-Ups:
- Re: hardlinks to setuid binaries
  - From: Thor Lancelot Simon
- Re: hardlinks to setuid binaries
  - From: Jan Schaumann
- Re: hardlinks to setuid binaries
  - From: David Sainty

References:
- hardlinks to setuid binaries
  - From: Jan Schaumann

Prev by Date: Re: hardlinks to setuid binaries
Next by Date: Re: hardlinks to setuid binaries
Previous by Thread: Re: hardlinks to setuid binaries
Next by Thread: Re: hardlinks to setuid binaries
Indexes:

Home | Main Index | Thread Index | Old Index