Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 21 Mar 2001 23:34:31 -0800
From:      "Crist J. Clark" <cjclark@reflexnet.net>
To:        "J.A. Terranson" <measl@mfn.org>
Cc:        security@FreeBSD.ORG
Subject:   Re: chflags/symlinks
Message-ID:  <20010321233431.C574@cjc-desktop.users.reflexcom.com>
In-Reply-To: <Pine.BSF.4.21.0103200548140.24537-100000@greeves.mfn.org>; from measl@mfn.org on Tue, Mar 20, 2001 at 05:57:23AM -0600
References:  <Pine.BSF.4.21.0103200548140.24537-100000@greeves.mfn.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 20, 2001 at 05:57:23AM -0600, J.A. Terranson wrote:
> 
> Good Morning/Afternoon/Etc.,
> 
> 	I believe there is an issue WRT the above pair.

The chflags(1) manpage says,

     Symbolic links do not have flags, so unless the -H or -L option is set,
     chflags on a symbolic link always succeeds and has no effect.

> 	Problem: There is no way to secure (schg, etc) the link.  I can
> secure the files to which they point, but not the links
> themselves.  Theoretically, an attack can be launched by deleting the
> symlinks and creating new ones, rather than altering the files directly
> (as they are safe under securelevel 3).
> 
> 	For us, the issue has been nighty cleanup routines killing the
> symlinks, and thereby breaking *everything* :-(
> 
> 
> 	I there is something I have missed here, I would *love* to know...

You can schg the directory in which the symlinks are in. That of
course may or may not be practical for you.
-- 
Crist J. Clark                           cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010321233431.C574>