From owner-freebsd-security Sun Mar 14 0:27: 9 1999
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
	by hub.freebsd.org (Postfix) with ESMTP id AA67B150AC
	for ; Sun, 14 Mar 1999 00:27:05 -0800 (PST)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.3/8.9.1) id AAA89058;
	Sun, 14 Mar 1999 00:26:45 -0800 (PST)
	(envelope-from dillon)
Date: Sun, 14 Mar 1999 00:26:45 -0800 (PST)
From: Matthew Dillon
Message-Id: <199903140826.AAA89058@apollo.backplane.com>
To: David Scheidt
Cc: The Unicorn , freebsd-security@FreeBSD.ORG
Subject: Re: ACLs
References:
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

::the number of links to the file the inode holds information on. Therefore
::any admin who is worth the money they receive for doing their task will
::know that if the number of links to a file is greater than one another
::hard link must exist. Searching the filesystem for another name
::referring the same inode is then not a really hard thing to do...
::
:
:You have to remember to check, though. I don't look at the link count every
:time before I rm a file. There are all sorts of people admining boxes who
:haven't sense to check for this. I suspect there are lots of otherwise
:competent people who don't even know to look for this. Removing the problem
:might be a better solution than trying to educate the world about it.

If you have your machine partitioned correctly, you do not generally have
to worry about hardlinks to system binaries ( suid or otherwise ) as users
do not have access to partitions containing them.

If you are really worried about it, simply chmod and truncate the file
before removing it. If you are truly paranoid, chmod the file, rewrite
the contents with garbage, fsync, ( repeat 50 times ), *then* truncate and
remove the file.
-Matt
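
The chmod-and-truncate step from the message above, as an added shell example that is not part of the original post. The function names `link_count` and `neutralize_and_rm` are hypothetical, and the block covers only the chmod/truncate/remove case, not the repeated overwrite.

```shell
#!/bin/sh
# Added example (not from the original message): neutralise a file before
# unlinking it, so any other hard link to the same inode is left empty
# and without mode bits.

# Print the hard-link count of a file (field 2 of `ls -ld`, portable).
link_count() {
    ls -ld -- "$1" | awk '{print $2}'
}

# neutralize_and_rm FILE
# Returns 0 on success, 1 if FILE is not a regular file, 2 on failure.
neutralize_and_rm() {
    f=$1
    # Refuse symlinks and non-regular files: chmod would follow a symlink.
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "neutralize_and_rm: $f: not a regular file" >&2
        return 1
    fi
    n=$(link_count "$f")
    if [ "$n" -gt 1 ]; then
        echo "neutralize_and_rm: $f has $n links; other names share this inode" >&2
    fi
    # The mode lives in the inode, so this strips setuid/setgid and all
    # access from every other name too. Owner write is kept for now so
    # that a non-root owner can still truncate.
    chmod 0200 -- "$f" || return 2
    : > "$f" || return 2            # truncate: the contents are shared as well
    chmod 0000 -- "$f" || return 2
    rm -f -- "$f" || return 2
}
```

After the call, a leftover hard link elsewhere on the partition still exists as a name, but it refers to a zero-length, mode 000 inode.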