Re: autoclean mode for tmpfs

To: Eric Haszlakiewicz <erh%nimenees.com@localhost>
Subject: Re: autoclean mode for tmpfs
From: David Holland <dholland-tech%netbsd.org@localhost>
Date: Sun, 7 Aug 2011 19:15:40 +0000

On Sun, Aug 07, 2011 at 01:54:01PM -0500, Eric Haszlakiewicz wrote:
 > >  > However, since there's no way to make rmdir(2) use NOFOLLOW, we
 > >  > have to either leave directory structure in place or risk removing an
 > >  > attacker's choice of empty directories.
 > > ?
 > > 
 > > valkyrie% ls -l
 > > total 4
 > > drwx------  2 dholland  notmp  512 Aug  7 12:32 bar
 > > lrwx------  1 dholland  notmp    3 Aug  7 12:32 baz -> bar
 > > valkyrie% rmdir baz
 > > rmdir: baz: Not a directory
 > > Exit 1
 > 
 > My guess for steps to create the problem is:
 > 
 > % mkdir /tmp/foo/bar
 > % make-lots-of-files-in-dir /tmp/foo/bar
 > % run-job-that-slows-down-the-system
 > % wait-for-tmp-cleanup-to-start
 > % mv /tmp/foo /tmp/foo2
 > % ln -s /some/path /tmp/foo
 > ... and the tmp cleanup does a "rmdir /tmp/foo/bar", which is actually 
 >  /some/path/bar instead.

If you traverse the tree as Mouse described, it won't do that. If you
don't, there are a lot of ways to abuse it.

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- autoclean mode for tmpfs
  - From: David Holland
- Re: autoclean mode for tmpfs
  - From: Jukka Ruohonen
- Re: autoclean mode for tmpfs
  - From: David Holland
- Re: autoclean mode for tmpfs
  - From: Jukka Ruohonen
- Re: autoclean mode for tmpfs
  - From: David Holland
- Re: autoclean mode for tmpfs
  - From: Mouse
- Re: autoclean mode for tmpfs
  - From: David Holland
- Re: autoclean mode for tmpfs
  - From: Eric Haszlakiewicz

Prev by Date: Re: autoclean mode for tmpfs
Next by Date: Re: autoclean mode for tmpfs
Previous by Thread: Re: autoclean mode for tmpfs
Next by Thread: Re: autoclean mode for tmpfs
Indexes:

Home | Main Index | Thread Index | Old Index