[Issue 15584] Security issue: symlink attack
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed Jan 20 05:44:29 PST 2016
https://issues.dlang.org/show_bug.cgi?id=15584
ag0aep6g at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ag0aep6g at gmail.com
--- Comment #2 from ag0aep6g at gmail.com ---
I understand you're asking for dmd to replace the link, or maybe fail with an
error message, instead of writing through the link.
Not an unreasonable request, but is there really a strong expectation that
programs don't write through symlinks, so that this is surprising behavior?
After all, the victim has to set up the symlink. If the attacker could set it
up, they could just overwrite untouchable directly.
For what it's worth, gcc seems to behave like dmd:
----
$ touch untouchable
$ ln -s untouchable a.out
$ cat > test.c << code
#include <stdio.h>
int main() {printf("owned\n"); return 0;}
code
$ gcc test.c
$ ./untouchable
owned
----
So maybe it's actually more expected that symlinks are followed, and not
replaced.
--
More information about the Digitalmars-d-bugs
mailing list