Multiuser systems allow multiple users with different privileges to share a filesystemfile system. Each user, in such an environment, must be able to determine which files are shared and which are private and each user must be able to enforce these decisions.
...
A directory is secure with respect to a particular user if the user has exclusive privileges to move or delete files inside the directory. Furthermore, each parent to the secure directory can only be be moved or deleted by the user and the system administrator. On most systems, home or user directories are secure by default and only shared directories are insecure.
There are a number of filesystem file system properties and capabilities that can be exploited by an attacker including file links, device files, and shared file access.
...
Note that this method is only effective on filesystems file systems that are fully compatible with UNIX permissions, and it may not behave correctly for filesystems file systems with other permission mechanisms, such as AFS.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="05d98977b5b6bdac-a572bcfd-440045d8-99d4bb66-4059910f2e0a453e5a9e5745"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | Class File, methods | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9b50b5f58ae8b0b8-b4e2e61b-4c1a4ec0-bd488c23-90e3ea60cf3541fab3a01643"><ac:plain-text-body><![CDATA[ | [[CVE 2008 | AA. Bibliography#CVE 08]] | [CVE-2008-5354 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5354] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="172caebe655f9ba8-9fd6f7ed-49ec45f0-9c3fa4a5-57e85074e5e0f7334116f540"><ac:plain-text-body><![CDATA[ | [[Darwin 2004 | AA. Bibliography#Darwin 04]] | 11.5 Creating a Transient File | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2e869822f9ac8fc8-fba12717-4f9b4443-b1cab0fd-5b89b4b186c55d740afae6d4"><ac:plain-text-body><![CDATA[ | [[Garfinkel 1996 | AA. Bibliography#Garfinkel 96]] | Section 5.6, "Device Files" | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ac8ec895c567c9da-b391a9f0-49244c70-8b0187bb-b64c76c08500741eaf4b1f84"><ac:plain-text-body><![CDATA[ | [[Howard 2002 | AA. Bibliography#Howard 02]] | Chapter 11, "Canonical Representation Issues" | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="76f0958f37b7a397-279f61c7-4a7b407a-a4f686bf-6514bcce06027f1faa3df91c"><ac:plain-text-body><![CDATA[ | [[J2SE 2011 | AA. Bibliography#J2SE 11]] | The try-with-resources Statement | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2ab2d3a033ddf5a2-22a02432-4f524f92-827fa1f1-192dcac5b69b5eae4c95a98f"><ac:plain-text-body><![CDATA[ | [[Open Group 2004 | AA. Bibliography#Open Group 04]] | [ | http://www.opengroup.org/onlinepubs/009695399/functions/open.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="192da0054c0a4c61-68e7a6c5-40fd46b5-a2639247-1d658906abaa8b9e9f788d00"><ac:plain-text-body><![CDATA[ | [[SDN 2008 | AA. Bibliography#SDN 08]] | Bug IDs: 4171239, 4405521, 4635827, 4631820 | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b38ac4b8dc7a7937-caa5cdd3-49c34c3d-aed483a4-44ed4c56cfd35ed68c775fd9"><ac:plain-text-body><![CDATA[ | [[Secunia 2008 | AA. Bibliography#Secunia 08]] | [Secunia Advisory 20132 | http://secunia.com/advisories/20132/] | ]]></ac:plain-text-body></ac:structured-macro> |
...