Re: hardlinks to setuid binaries

To: tech-security%netbsd.org@localhost
Subject: Re: hardlinks to setuid binaries
From: David Holland <dholland-security%netbsd.org@localhost>
Date: Sun, 27 Mar 2022 23:22:18 +0000

On Sun, Mar 27, 2022 at 01:47:44PM -0400, Thor Lancelot Simon wrote:
 > Even better, imagine requiring an attribute to be set on a directory
 > in order to _allow_ it to contain setuid executables.  Or device nodes.
 > Wouldn't that, in general, be safer and better than trying to decide all
 > the places where such things should _not_ be allowed?

That is a good idea...

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- hardlinks to setuid binaries
  - From: Jan Schaumann
- Re: hardlinks to setuid binaries
  - From: Taylor R Campbell
- Re: hardlinks to setuid binaries
  - From: Thor Lancelot Simon

Prev by Date: Re: hardlinks to setuid binaries
Next by Date: re: hardlinks to setuid binaries
Previous by Thread: Re: hardlinks to setuid binaries
Next by Thread: Re: hardlinks to setuid binaries
Indexes:

Home | Main Index | Thread Index | Old Index