Difference between revisions of "Vuln kernel linking restrictions"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "= Linking restriction policy is not enforced = When enabled /tmp race exploits will be prevented, since users will no longer be able to follow symlinks owned by other users ...")
 

Latest revision as of 19:01, 10 February 2012

[edit] Linking restriction policy is not enforced

When enabled /tmp race exploits will be prevented, since users will no longer be able to follow symlinks owned by other users in world-writable +t directories (i.e. /tmp), unless the owner of the symlink is the owner of the directory. users will also not be able to hardlink to files they do not own.

If you see this vulnerability it can only be caused if you are not running the ASL kernel.

[edit] Next Steps

Check to see if you are using the ASL kernel by going to this link.

If you are not running the ASL kernel:

Please check that you have the kernel installed and then reboot your system into the ASL kernel.

Note: If you have a VPS system, you will not have your own kernel. Please install ASL on the host server.

Personal tools