[ofa-general] Re: [RFC] IB management changes proposal
Roland Dreier
rdreier at cisco.com
Thu Apr 26 19:47:04 PDT 2007
> > I'm sorry, I'm not familiar with the code.
> > I was just saying that using /tmp/ibnetdiscover.topology is clearly
> > a security risk since /tmp is world-writeable. Isn't it?
>
> However, I think the risk is pretty low. The scripts only use this information
> to report other information about the subnet. The only damage would be if an
> admin misinterpreted this information and did something bad to the net.
You're not being devious enough. Look up "symlink attack" to see one
idea of something evil that an attacker could do.
More information about the general
mailing list