[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: /proc filesystem allows bypassing directory permissions on Linux
On 2009-10-24 Derek Martin wrote:
> 1. It circumvents the fact that to write to a file, you MUST be able
> to write to its directory, so that the file attributes can be updated.
Wrong, because the file's attributes aren't stored in the directory, but
in the respective inode.
"All vulnerabilities deserve a public fear period prior to patches
--Jason Coombs on Bugtraq