Hi,

On Fri, Oct 24, 2008 at 10:18:55PM +0100, Chris Wilson wrote:
> I thought that the suid bit was a property of the directory entry, not the
> inode?


No.

> On what platforms is the suid bit a property of the inode, which
> would make this exploit possible?


On all platforms with "unix file system semantics" (read: inodes), the
directory entry only contains "name->inode", and all details, including
all permission bits, are stored in the inode.

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev