Broken Links in Linux File Systems can be a Security Risk

BROKEN LINKS in Linux file systems are not just annoying — they can also be a security risk. In a previous post, I discussed the potential dangers of unowned files, and in this post I will talk about those annoying, resource-consuming broken links that are usually considered simple file system “lint”.

I recently spoke to a Security Blanket™ customer and they asked me, "Why does Security Blanket report on these broken links?" I responded with a typical, technical explanation of...

"It [Security Blanket™] was trying to determine the file's existing access controls by using stat(2), not lstat(2). This call was unsuccessful because the target file was non-existent; therefore, we want you to be aware of this 'lint'."

Although I could not see their face, I am sure their eyes were rolling at my somewhat cryptic response. Later that day, I contemplated the existence of broken links and realized they are a potential security risk — in the form of a Trojan Horse.
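The stat(2) versus lstat(2) distinction from the explanation above, as an added example that is not part of the original post or of Security Blanket: `os.lstat` describes the link itself, while `os.stat` follows it and fails when the target is gone. The function names, the result labels and the temporary sample tree are constructed for illustration.

```python
import os
import stat
import tempfile


def classify(path):
    """Return 'missing', 'not-a-link', 'link-ok', 'link-broken' or 'link-unresolved'."""
    try:
        link_info = os.lstat(path)      # lstat(2): inspects the link itself
    except FileNotFoundError:
        return "missing"
    if not stat.S_ISLNK(link_info.st_mode):
        return "not-a-link"
    try:
        os.stat(path)                   # stat(2): follows the link to its target
    except (FileNotFoundError, NotADirectoryError):
        return "link-broken"            # target does not exist
    except OSError:
        return "link-unresolved"        # e.g. permission denied or a link loop
    return "link-ok"


def find_broken_links(root):
    """Walk root without following links; describe every broken link found."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if classify(path) == "link-broken":
                findings.append({
                    "link": path,
                    "target": os.readlink(path),        # where the link points
                    "link_uid": os.lstat(path).st_uid,  # owner of the link itself
                })
    return sorted(findings, key=lambda f: f["link"])


if __name__ == "__main__":
    # Constructed sample tree: one healthy link and one dangling link.
    with tempfile.TemporaryDirectory() as tree:
        real = os.path.join(tree, "real.txt")
        open(real, "w").close()
        os.symlink(real, os.path.join(tree, "good"))
        os.symlink(os.path.join(tree, "gone.txt"), os.path.join(tree, "dangling"))
        for finding in find_broken_links(tree):
            print(finding)
```
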

Common Uses of Links



