On Thu, 2006-07-27 at 20:06 +0200, Petr Baudis wrote: > Make that setuid root or just create log file owned by you and make root > run it. Should be innocent enough, right? > > Well, except that you can revoke the log file before the shadow file is > opened, at which point open() probably reuses the fd and the program > conveniently logs to /etc/shadow. No, the fd is leaked on purpose to avoid recycling. See revoke_fds for details. - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
