A few notes on this advisory and IBM's IY94817.

1) The real IY94817 document (not the stub) requires registration to
even access in the first place, which is an unfortunate practice
that too many vendors undertake. The URL was also broken for some
time. Now that I've registered, I *STILL* can't get access to this
file:

"IY94817: SECURITY: DB2DIAG.LOG SYMBOLIC LINK OVERWRITE VULNERABILITY"
http://www-1.ibm.com/support/docview.wss?uid=swg1IY94817

Why is it so difficult just to get some basic security information?
Security advisories should be easy for the public to access. A
sysadmin shouldn't have to register with hundreds of web sites just
to get good security information.

This kind of thing happens all the time, unfortunately.

2) Anyway, this document:

http://www-1.ibm.com/support/docview.wss?uid=swg21255745

says "The vulnerability allows a local user to write to any file on
the system through the use of symbolic links (also known as
symlinks or soft links)."