Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 8 Sep 2011 15:15:14 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: /tmp fs type

Solar,

On Thu, Sep 08, 2011 at 12:12 +0400, Solar Designer wrote:
> On Wed, Sep 07, 2011 at 02:47:50PM +0400, Vasiliy Kulikov wrote:
> > On Wed, Sep 07, 2011 at 14:19 +0400, Solar Designer wrote:
> > > On Wed, Sep 07, 2011 at 01:49:45PM +0400, Vasiliy Kulikov wrote:
> > > > How does the hardlink hardening protect against hardlinking into /home?
> > > 
> > > By not letting a user create hard links to files that they don't have
> > > write permissions for.
> > 
> > -ow for 2.4 didn't have such protection, did it?  At least I'm not aware
> > of it.
> 
> It did, and -ow for 2.0 and 2.2 did as well.

Oh, I've somehow missed that hardlink protection works not only in +t
directories, sorry.

Then I don't see any practical use case where bind mount can help us.

Thanks,

-- 
Vasiliy

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ