Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: Giles Lean <firstname.lastname@example.org>
From: Warner Losh <email@example.com>
Date: 12/30/1996 09:04:57
In message <199612300123.MAA01238@nemeton.com.au> Giles Lean writes:
: I wonder if we're talking about the same things?
: There were two holes in the original advisory:
There is a third hole that is likely to be present. If you create a
directory structure, say /tmp/foo/etc/passwd, then find will see that,
and you can then race the rm by then switching foo to be a symlink to
/ so that /etc/passwd gets blown away.