LinuxSecurity.com has an article which “discusses how sendmail currently handles file locking and how it will change in future versions. “Any application which uses either flock() or fcntl() style locking or other APIs that use one of these locking methods (such as open() with O_EXLOCK and O_SHLOCK) on files readable by other local untrusted users may be susceptible to local denial of service attacks.”
Category:
- Security
