|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Thursday, 11 November 1999||Author: Quentin Cregan|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Printable]|
If you export RW with nfs, you're exploitable
"The true cause of the problem is that the code relies on the total length of a path to not exceed PATH_MAX + NAME_MAX. I'm not sure whether this is a common Unix problem, but at least on Linux, PATH_MAX merely seems to put an upper limit on the length of a single path you can hand to a syscall (size of a page - 1, i.e. 4095). However it still allows you to create files within that directory as long as you use relative names only..." A patch against 2.2beta47 has been released by Olaf Kirch.