Linux Today: Linux News On Internet Time.

Fake Unix and Linux Advisory - The /dev/null Vulnerability

Nov 17, 2008, 04:01 (0 Talkback[s])
(Other stories by Mike Tremell)

[ Thanks to Mike Golvach for this link. ]

"The contemporary method of /dev/null drivers is described as the "high suction algorithm" in comparison with the replacement that vendors have made available for their systems. If a malicious user uses a program with low-resistance logic to connect /dev/null back into itself, the device goes critical and can be used for destructive purposes.

"Once the /dev/null device driver enters a critical state, programs with low-resistance logic will break, be consumed by /dev/null and expose their standard input to the full force of /dev/null itself. Some examples which have been verified in labs include the following:

* Programs which are consumed by /dev/null become permanent entry points to /dev/null afterward.
* If standard input is redirected from any regular file, it will be "sucked dry" and left empty. File permissions do not prevent loss of data.
* If standard input is redirected from a directory, all the files and directories within it will be sucked dry, recusrively removing an entire directory tree."

Complete Story

Related Stories: