Protecting Linux systems from symlink attacks [migrated]
Linux-based systems are vulnerable to symlink race attacks from unprivileged UID processes. For example, a PHP process can create a symlink to /etc/passwd in a directory where Apache httpd will serve it to the Internet. For e… Continue reading Protecting Linux systems from symlink attacks [migrated]