dbo:abstract
|
- Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de)
- A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). It is called a "race" because in its typical manifestation, the program checks to see if a file by that name already exists; if it does not exist, the program then creates the file. An attacker must create the link in the interval between the check and when the file is created. A symlink race can happen with antivirus products that decide they will quarantine or delete a suspicious file, and then go ahead and do that. During the interval between decision and action, malicious software can replace the suspicious file with a system or antivirus file that the malicious software wants overwritten. (en)
- Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl)
|
dbo:wikiPageID
| |
dbo:wikiPageLength
|
- 3317 (xsd:nonNegativeInteger)
|
dbo:wikiPageRevisionID
| |
dbo:wikiPageWikiLink
| |
dbp:wikiPageUsesTemplate
| |
dcterms:subject
| |
rdf:type
| |
rdfs:comment
|
- Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de)
- Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl)
- A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). (en)
|
rdfs:label
|
- Symlink-Schwachstelle (de)
- Symlink race (pl)
- Symlink race (en)
|
owl:sameAs
| |
prov:wasDerivedFrom
| |
foaf:isPrimaryTopicOf
| |
is dbo:wikiPageRedirects
of | |
is dbo:wikiPageWikiLink
of | |
is foaf:primaryTopic
of | |