Date: Mon, 21 Sep 1998 14:56:32 +0400
From: Tim Kutergin <[email protected]>
To: [email protected]Subject: Filesystem DoS on SCO Openserver 5
Hi All !
It seems that I have been hit by bug in HTFS filesystem on SCO
Openserver 5. The problem is that You could do unlink("..") and this
operation will be successful (if You have permissions) corrupting
filesystem. I have discovered this anomaly when investigating constant
system crashes when users were deleting mailboxes in Cyrus imap server
1.5.2 There was bad code in imapd that was trying to delete ".." when
removing mailbox (newer versions of imapd are fixed). So usual user may
severely damage filesystem by doing unlink("..") in subdirectories, where
hi has permissions to do this. I had reported this bug to SCO, but they
replied that I have problems with hardware.
Sorry for bad English
Timofey
