From owner-freebsd-security Thu Mar 22 0:33:44 2001 Delivered-To: freebsd-security@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 04DB537B720 for ; Thu, 22 Mar 2001 00:33:41 -0800 (PST) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id TAA26651; Thu, 22 Mar 2001 19:33:18 +1100 Date: Thu, 22 Mar 2001 19:32:29 +1100 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: cjclark@alum.mit.edu Cc: "J.A. Terranson" , security@FreeBSD.ORG Subject: Re: chflags/symlinks In-Reply-To: <20010321233431.C574@cjc-desktop.users.reflexcom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 21 Mar 2001, Crist J. Clark wrote: > On Tue, Mar 20, 2001 at 05:57:23AM -0600, J.A. Terranson wrote: > > Problem: There is no way to secure (schg, etc) the link. I can > > secure the files to which they point, but not the links > > themselves. Theoretically, an attack can be launched by deleting the > > symlinks and creating new ones, rather than altering the files directly > > (as they are safe under securelevel 3). > > > > For us, the issue has been nighty cleanup routines killing the > > symlinks, and thereby breaking *everything* :-( > > > > I there is something I have missed here, I would *love* to know... I think lchflags(2) should exist someday. I first learned of this problem if private followup of PR25018 (the followup was mostly about utilities not yet actually using the new 'l' calls). > > You can schg the directory in which the symlinks are in. That of > course may or may not be practical for you. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message