Code to hide inaccessible files/directories

Mike Fedyk mfedyk at matchmail.com
Tue Apr 17 23:14:08 GMT 2001


On Tue, Apr 17, 2001 at 04:58:37PM -0400, Bill Moran wrote:
> 
> >Race condition. If you use access() to test permissions - then perform
> >some function as a result, there's a possibility for someone to change
> >the permissions between those two actions. For example, you test
> >access() to see if the user can open a file and find it OK to open, then
> >a malicious user replaces the file with a links to passwd. You then have
> >access to a file you shouldn't. Like I said, doesn't seem to apply in
> >this use.
> Well, with a network file system many strange things can happen ...
> 
> Still ... I can't see how it would do anything worse than show a file that 
> the user really doesn't have access to, then deny access when they try to 
> read the file. If you can think of a scenerio where it could be a problem, 
> I'd like to hear it.
> 
the user could make the admin kill the server if he links a file to
/etc/passwd and the admin runs his smbd as root...

that'd be a funny trick to pull on an admin that pissed you off.  If that
was the only copy of /etc/passwd, and he was able to do the same with
/etc/shadow they wouldn't be able to know who owned the file :)

Actually, the system would still work for current processes/servers, new
logins would fail.  Even root! hehehe

Mike




More information about the samba-technical mailing list