From: Wolfram Schneider
To: Don Lewis
Cc: Ollivier Robert, freebsd-fs@FreeBSD.ORG
Subject: Re: disabled symlinks
Date: 27 Oct 1997 13:45:01 +0100
In-Reply-To: Don Lewis's message of Mon, 27 Oct 1997 03:28:11 -0800
References: <199710271128.DAA22591@salsa.gv.tsc.tdk.com>
Sender: owner-freebsd-fs@FreeBSD.ORG

Don Lewis writes:

> } > The nosymlink flag does not allow the creation of a symlink
> } > on the mounted file system.
>
> I'd prefer an option that only affected symlinks in certain directories
> (perhaps publicly writable directories).

I thought about that too. Maybe public writable + sticky bit
(mode 1777). IMHO this should be controlled by a sysctl variable:

1) do not create symlinks
2) do not follow symlinks at all
3) do not follow symlinks in directories with the mode 1777

> } Could you please modify your patch not to _follow_ symlinks in order to
> } disallow all symlinks in a given FS ?
>
> This is also reasonable, but what errno value is appropriate for syscalls
> that encounter the forbidden symlinks?

#define EACCES 13 /* Permission denied */

-- 
Wolfram Schneider http://www.apfel.de/~wosch/
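The three-level policy proposed in the message above, written out as a decision function. This is an added example, not code from the thread or from FreeBSD. The enum names, the function names, the value 0 for "no restriction", the treatment of the levels as mutually exclusive values, and the reading of "mode 1777" as "sticky and world-writable" are all assumptions.

```c
#include <errno.h>
#include <stdio.h>

/* Hypothetical values of the proposed sysctl, numbered as in the message. */
enum symlink_policy {
    SYMLINK_ALLOW = 0,           /* assumed default: no restriction */
    SYMLINK_NOCREATE = 1,        /* 1) do not create symlinks */
    SYMLINK_NOFOLLOW = 2,        /* 2) do not follow symlinks at all */
    SYMLINK_NOFOLLOW_STICKY = 3  /* 3) do not follow in mode-1777 dirs */
};

#define MODE_STICKY      01000u  /* sticky bit */
#define MODE_OTHER_WRITE 00002u  /* write permission for "other" */

/* True for a publicly writable directory with the sticky bit (e.g. 1777). */
static int dir_is_public_sticky(unsigned parent_mode)
{
    unsigned want = MODE_STICKY | MODE_OTHER_WRITE;
    return (parent_mode & want) == want;
}

/* Returns 0 if a symlink may be created, EACCES otherwise. */
int symlink_create_check(int policy)
{
    return policy == SYMLINK_NOCREATE ? EACCES : 0;
}

/* Returns 0 if a symlink found in a directory with permission bits
 * parent_mode may be followed, EACCES otherwise. */
int symlink_follow_check(int policy, unsigned parent_mode)
{
    switch (policy) {
    case SYMLINK_NOFOLLOW:
        return EACCES;
    case SYMLINK_NOFOLLOW_STICKY:
        return dir_is_public_sticky(parent_mode) ? EACCES : 0;
    default:
        return 0;
    }
}

int main(void)
{
    /* Constructed sample: a /tmp-style directory and an ordinary one. */
    printf("policy 3, 1777: %d\n", symlink_follow_check(3, 01777));
    printf("policy 3, 0755: %d\n", symlink_follow_check(3, 0755));
    return 0;
}
```

Under level 3 a world-writable directory without the sticky bit (mode 0777) is not covered, which matches the "public writable + sticky bit" wording.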