Over Mounting in Linux
A topic that’s been discussed to great length on one of (many) Linux lists I lurk on has been that of mounting one file over another. It’s easier to show this with an example:
$ cat password dwilson:password $ cat fakepassword attacker:fakepassword (root) $ mount --bind fake_password password $ cat password attacker:fakepassword
While this requires root access (or flimsy mount permissions) to execute, it is a nasty little trick. An ‘ls’ won’t show anything strange but a ‘mount’ command will. It’s also worth noting that this can be done with binary and executable files. ‘root# mount –bind /tmp/attacker_ps /bin/ps’ works as well as the example did.