Language Selection

English French German Italian Portuguese Spanish

Broken Links in Linux File Systems can be a Security Risk

Filed under
Security

BROKEN LINKS in Linux file systems are not just annoying — they can also be a security risk. In a previous post, I discussed the potential dangers of unowned files and in this post I will talk about those annoying, resource consuming broken links usually considered simple file system “lint”.

I recently spoke to a Security Blanket™ customer and they asked me, "Why does Security Blanket report on these broken links?" I responded with a typical, technical explanation of...

"It [Security Blanket™] was trying to determine the file's existing access controls by using stat(2) not lstat(2). This call was unsuccessful because the target file was non-existent therefore, we want you to be aware of this 'lint'."

Although I could not see their face, I am sure their eyes were rolling at my somewhat cryptic response. Later that day, I contemplated the existence of broken links and realized they are a potential security risk — in the form of a Trojan Horse.

Common Uses of Links




More in Tux Machines

Eure-et-Loir department now using Nuxeo document system

The administration of France’s Eure-et-Loir Department has implemented Nuxeo, an open source enterprise document and content management system. The solution is used to exchange documents between the department’s services and, sometime next year, also with partner-organisations. Read more

2014: The Open Source Tipping Point

2014 was a tipping point where companies decided there was too much software to write for any one company to do it by themselves. They are shedding commodity software R&D by investing in “external R&D” with open source. Those who master the game have a compelling advantage. Those who don’t are getting left behind. We are experiencing an innovation renaissance that is largely driven by open source software that powers distributed, scale out systems. It’s been a pleasure to see this trend develop this year and I’m looking forward to 2015 with anticipation. Read more

KDAB contributions to Qt 5.4

Qt 5.4 was released just last week! The new release comes right on schedule (following the 6-months development cycle of the Qt 5 series), and brings a huge number of new features. KDAB engineers have contributed lots of code to Qt during the last few months. Once more, KDAB is the second largest contributor to Qt (the first being The Qt Company itself). The commit stream has been constant, as you can see in this graph showing the last 16 weeks. Read more

Git 2.2.1 Released To Fix Critical Security Issue

Today's Git vulnerability affects those using the Git client on case-insensitive file-systems. On case-insensitive platforms like Windows and OS X, committing to .Git/config could overwrite the user's .git/config and could lead to arbitrary code execution. Fortunately with most Phoronix readers out there running Linux, this isn't an issue thanks to case-sensitive file-systems. Read more