Date: Wed, 27 Jul 2011 08:57:27 -0700
From: perryh@pluto.rain.com
To: s@samu.pl
Cc: freebsd-hackers@freebsd.org, rwatson@freebsd.org
Subject: Re: Finding symlink information in MAC Framework
Message-Id: <4e303567.2SHj2vERr0n8Op6Q%perryh@pluto.rain.com>

s wrote:

> ... I am trying to compare the owner of the symlink to the owner
> of what the symlink points to ... At first I was trying to check
> whether some user is trying to create such a symlink ...

I've always considered the "ownership" and "permissions" of a symlink to be an artifact of the implementation, rather than having any real significance.

Symlinks did not exist in Bell Labs Unix, at least as of 6th edition. IIUC they were invented at UCB to get around the limitation that a hard link could not cross a physical filesystem boundary (i.e. a mount point); symlinks would not have been needed had the entire logical filesystem been contained on a single, unpartitioned physical device because hard links could have been used instead.

A hard link has no ownership or permissions of its own: it is just an additional directory entry pointing to the same inode as the target's original directory entry. (The permissions are stored in the inode, not in the directory entry.)

Because the target of a symlink is (in the general case) not in the same physical filesystem as the symlink itself, the symlink has to be stored in its own inode -- and that inode, like any other, has "ownership" and "permission" fields which will inevitably contain some pattern of bits -- but it's not clear to me that anything is gained by assigning a meaning to those patterns.

Getting back to the original problem, suppose you had no mounted filesystems (other than special cases like devfs or /proc), the entire logical filesystem tree being stored on a single device, so that any file on the system could be hard-linked into any directory on the system. How would you detect that "some user" had created a _hard_ link to some arbitrary file?
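
The inode behaviour discussed in this message, as an added userland example (not part of the original e-mail and not FreeBSD MAC Framework code): it compares what lstat(2) and stat(2) report for a hard link and for a symlink to the same file. The names `entry_report`, `inspect_entry` and `build_fixture`, the file names and the temporary directory are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700   /* lstat, symlink, mkdtemp */
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

struct entry_report {
    int     is_symlink;     /* entry is a symlink and so has an inode of its own */
    int     shares_inode;   /* entry and ref are names for the same dev/inode */
    int     owner_differs;  /* symlink inode's uid != uid of the file it resolves to */
    nlink_t nlink;          /* link count of the resolved file */
};

/* Compare directory entry `entry` with `ref`, another name for the target.
 * Returns -1 if either name is missing or `entry` is a dangling symlink. */
int inspect_entry(const char *entry, const char *ref, struct entry_report *r)
{
    struct stat self, target, refst;
    if (lstat(entry, &self) != 0 || lstat(ref, &refst) != 0 || stat(entry, &target) != 0)
        return -1;
    r->is_symlink    = S_ISLNK(self.st_mode) != 0;
    r->shares_inode  = self.st_dev == refst.st_dev && self.st_ino == refst.st_ino;
    r->owner_differs = r->is_symlink && self.st_uid != target.st_uid;
    r->nlink         = target.st_nlink;
    return 0;
}

/* Constructed fixture inside dir: orig, hard (hard link), soft (symlink to orig).
 * Changes the working directory to dir so the short names can be used afterwards. */
int build_fixture(const char *dir)
{
    int fd;
    if (chdir(dir) != 0 || (fd = open("orig", O_CREAT | O_EXCL | O_WRONLY, 0600)) < 0)
        return -1;
    close(fd);
    return (link("orig", "hard") == 0 && symlink("orig", "soft") == 0) ? 0 : -1;
}

int main(void)
{
    char dir[] = "/tmp/linkdemo.XXXXXX";
    struct entry_report h, s;
    if (!mkdtemp(dir) || build_fixture(dir) || inspect_entry("hard", "orig", &h)
        || inspect_entry("soft", "orig", &s))
        return 1;
    printf("hard: symlink=%d shares_inode=%d nlink=%lu\n", h.is_symlink, h.shares_inode, (unsigned long)h.nlink);
    printf("soft: symlink=%d shares_inode=%d owner_differs=%d\n", s.is_symlink, s.shares_inode, s.owner_differs);
    unlink("hard"); unlink("soft"); unlink("orig");
    rmdir(dir);
    return 0;
}
```

For the hard link the only trace on the inode is the link count; the symlink is the only one of the two entries with a uid of its own to compare.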