Re: BUG: simple attack when control channel muxing is used (was: Re: ControlMaster question)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



* Christoph Anton Mitterer (calestyo@xxxxxxxxxxxx) wrote:
> > That said, an ownership check that prevents, among other things, root
> > from accidentally falling through a wormhole wouldn't be bad. Attached
> > patch against 6.7p1 should do.
> 
> Wouldn't it be the enough to simply check whether
> - the socket is owned by the same user
> - has mode 600
> - and directory permissions are such, that another user couldn't have
> changed this (thinking of ACLs for that)

Should there be a hard-link count check also..?  Haven't really thought
it all the way through, but that's a common thing to check also..

	Thanks,

		Stephen

Attachment: signature.asc
Description: Digital signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux