Network Security: Detailed info on Re: Changes to the filesystem while find is running

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Changes to the filesystem while find is running - comments?

from [James Youngman] Network Security

[Permanent Link]

Subject:	Re: Changes to the filesystem while find is running - comments?
Date:	Tue, 23 Nov 2004 08:59:26 +0000

On Tue, Nov 23, 2004 at 12:38:52PM +1100, Paul Szabo wrote:

[ James wrote ]

This algorithm is certainly robust, but it will never descend into an
automount directory hierarchy.  Do you think we can do better than
that without opening the door to more exploits?


Hmm... It would not descend into just-now-changed automounts (and it may
not be able to get back out of them), but it should be able to traverse
reasonably long-lived mounts.


The problem is though that when you chdir() into an automount mount
point, automount aill automatically mount it for you.  Hence if an
automount filesystem wasn't already mounted, if you chdir() into it it
immediately becomes a "just-now-changed" mount point.  That's the
essensce of the problem I am trying to solve.

Regards,
James

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Changes to the filesystem while find is running - comments?, (continued) Re: Changes to the filesystem while find is running - comments?, devnull Re: Changes to the filesystem while find is running - comments?, Casper . Dik Re: Changes to the filesystem while find is running - comments?, Martin Buchholz Re: Changes to the filesystem while find is running - comments?, Casper . Dik Re: Changes to the filesystem while find is running - comments?, James Youngman Re: Changes to the filesystem while find is running - comments?, Paul Szabo Re: Changes to the filesystem while find is running - comments?, James Youngman Re: Changes to the filesystem while find is running - comments?, Paul Szabo Re: Changes to the filesystem while find is running - comments?, Martin Buchholz Re: Changes to the filesystem while find is running - comments?, Paul Szabo Re: Changes to the filesystem while find is running - comments?, James Youngman <=

Previous by Date:	[Full-Disclosure] Broadcast memory corruption in Soldier of Fortune II 1.03, Luigi Auriemma
Next by Date:	Re: Changes to the filesystem while find is running - comments?, Martin Buchholz
Previous by Thread:	Re: Changes to the filesystem while find is running - comments?, Paul Szabo
Next by Thread:	GFHost PHP GMail remote command execution exploit that achieves webserver id privileges, Jerome ATHIAS
Indexes:	[Date] [Thread] [Top] [All Lists]