Linux Today: Linux News On Internet Time.
Search Linux Today
search.internet.com
Linux News Sections:  Blog -  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Become a Marketplace Partner

internet.commerce
Be a Commerce Partner














The Linux Channel at internet.com
Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Subscribe News
Subscribe PR
Subscribe Security

internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

 






Current Newswire:

Saving the "Best" for Last - Fedora 12 (Constantine)

LinuxCertified Announces its next Linux System and Network Administration BootCamp

The Problem With The Linux Community

Vim 101: A Beginner's Guide to Vim

Open Source Science: A Revolution From Within

openSUSE 11.2-- Incremental Updates, Plenty of Polish

Microsoft, other rivals slam Google Chrome OS

Intel Linux Graphics Shine With Fedora 12

Editor's Note: Do It Yourself "Cloud"

Google Chrome OS: First looks, first impressions




Arcsight Engineer
The Computer Merchant, Ltd
US-DC-Washington

Justtechjobs.com Post A Job | Post A Resume
:Fake Unix and Linux Advisory - The /dev/null Vulnerability
Fake Unix and Linux Advisory - The /dev/null Vulnerability
Nov 17, 2008, 04 :01 UTC (0 Talkback[s]) (4368 reads)

(Other stories by Mike Tremell)

[ Thanks to Mike Golvach for this link. ]

"The contemporary method of /dev/null drivers is described as the "high suction algorithm" in comparison with the replacement that vendors have made available for their systems. If a malicious user uses a program with low-resistance logic to connect /dev/null back into itself, the device goes critical and can be used for destructive purposes.

"Once the /dev/null device driver enters a critical state, programs with low-resistance logic will break, be consumed by /dev/null and expose their standard input to the full force of /dev/null itself. Some examples which have been verified in labs include the following:


* Programs which are consumed by /dev/null become permanent entry points to /dev/null afterward.
* If standard input is redirected from any regular file, it will be "sucked dry" and left empty. File permissions do not prevent loss of data.
* If standard input is redirected from a directory, all the files and directories within it will be sucked dry, recusrively removing an entire directory tree."

Complete Story

Related Stories:
XKCD - Linux, Unix And Other Funny Cartoons(Nov 16, 2008)
Unix And Linux Humor - Cult Satire(Nov 10, 2008)
Stupefying Linux and Unix Humor(Nov 08, 2008)
Funny Mozilla Bugs - Open Source Humor(Nov 02, 2008)
Ridiculous Resumes - Unix, Linux and Everything in Between(Oct 26, 2008)
Unix - What Is It? More Linux/Unix Humor(Oct 25, 2008)



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!






..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

internet.commediabistro.comJusttechjobs.comGraphics.com

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs