Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: None <tech-kern@NetBSD.ORG>
From: Matt Thomas <email@example.com>
Date: 01/02/1997 13:22:12

I've been thinking about this for a while. I think a possible solution
could be a flag similar to nosuid.

In essence, this flag would force a small change to the semantics of
following symlinks. Symlinks would be followed iff they are owned by
root or what they point to has the same owner as the symlink.

I think this would seal up the security holes with symlinks without totally

Matt Thomas Internet: firstname.lastname@example.org
3am Software Foundry WWW URL: http://www.3am-software.com/bio/matt.html
Westford, MA Disclaimer: I disavow all knowledge of this message
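
The owner rule proposed in the message above, sketched as a userland check in C. This is an added example, not code from the message or from NetBSD: `owner_rule_allows` and `symlink_follow_allowed` are hypothetical names, and two behaviours are assumptions the message does not cover, namely that a dangling link is refused and that the owner compared is that of the final object `stat()` resolves to.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* The rule as stated: follow iff the link is owned by root, or the link
 * and what it points to have the same owner. */
static int owner_rule_allows(uid_t link_uid, uid_t target_uid)
{
    return link_uid == 0 || link_uid == target_uid;
}

/* Userland approximation of the check (hypothetical helper).
 * Returns 1 = follow, 0 = refuse, -1 = error (errno set).
 * A real implementation belongs in the kernel's path lookup: checking
 * here and opening later leaves a window in which the link can change. */
int symlink_follow_allowed(const char *path)
{
    struct stat lsb, tsb;

    if (lstat(path, &lsb) == -1)
        return -1;
    if (!S_ISLNK(lsb.st_mode))
        return 1;                     /* not a symlink: rule does not apply */
    if (lsb.st_uid == 0)
        return 1;                     /* root-owned link: always followed */
    if (stat(path, &tsb) == -1)       /* stat() resolves the whole chain */
        return errno == ENOENT ? 0 : -1;  /* assumption: dangling => refuse */
    return owner_rule_allows(lsb.st_uid, tsb.st_uid);
}

int main(int argc, char **argv)
{
    for (int i = 1; i < argc; i++) {
        int r = symlink_follow_allowed(argv[i]);
        if (r == -1)
            perror(argv[i]);
        else
            printf("%s: %s\n", argv[i], r ? "follow" : "refuse");
    }
    return 0;
}
```

Under this rule a link that an unprivileged user plants in a shared directory and points at a root-owned file is refused, while root's own links and a user's links to their own files keep working.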