[Full-Disclosure] Re: hard links on Linux create local DoS vulnerability and security problems
sethb at panix.com
Mon Nov 24 19:47:53 GMT 2003
> I think that your observation of the ability to keep a security hole open is
> very interesting, but, fortunately, it should be moot.
Even if not, it's easily avoidable: when you replace a setuid program,
truncate the existing file first, then chmod 000, then delete it.
The security hole only remains if you merely delete it.
Full-Disclosure is hosted and sponsored by Secunia.