Date: Tue, 27 Feb 1996 12:55:45 -0800 (PST) From: Nathan Lawson <nlawson@kdat.csc.calpoly.edu> To: newton@communica.com.au (Mark Newton) Cc: security@freebsd.org Subject: Re: Suspicious symlinks in /tmp Message-ID: <199602272055.MAA15968@kdat.calpoly.edu> In-Reply-To: <9602270411.AA25647@communica.com.au> from "Mark Newton" at Feb 27, 96 02:41:27 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> ... also totally irrelevent: The permissions on the symlink don't > arbitrate file access permissions -- The permissions on the file it's > pointing to (ie: the destination) are used for that purpose. > > So: Not only does it not matter who owns the symlink, it also doesn't > matter how it is chmod'ed. You can set its permissions to rwxrwxrwx > without making a spot of difference to the accessibility of the file > it's pointing at. Yes, but let's say Joe User tries out the ln -s command. Now he can't delete his symlink. This behavior is broken. A user should not be able to create any type of file, whether a symlink or just a normal file, that is owned by another user. Like I said before, how about a justification as to the usefullness of this behavior? I've already provided one annoying result of it. -- Nate Lawson \Yeah, I was dreaming through the 'howzlife', yawning, car black, CS-EE double \when she told me 'mad and meaningless as ever...' and a song major, \came on the radio like a cemetery rhyme for a million crying unaccredited \corpses in their tragedy of respectable existence. - BR
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602272055.MAA15968>