Date: Sun, 14 Mar 1999 10:18:10 +0300 (MSK)
From: "Ilmar S. Habibulin" <ilmar@ints.ru>
To: Robert Watson <robert@cyrus.watson.org>
Cc: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>, freebsd-security@FreeBSD.ORG
Subject: Re: ACL's
Message-ID: <Pine.BSF.4.05.9903141010220.14764-100000@ws-ilmar.ints.ru>
In-Reply-To: <Pine.BSF.3.96.990313192214.2563A-100000@fledge.watson.org>

On Sat, 13 Mar 1999, Robert Watson wrote:

> BTW, I'd really like to get rid of hard links -- they allow users to
> retain copies of setuid files after the owner thinks they are deleted.
> I.e., user creates a hard link to /usr/sbin/somesetuidbin to
> /usr/tmp/mytemp. Now the admin upgrades the machine, thinking they have
> removed the risk of the now known buggy somesetuidbin.

But hard links are the UFS ideology, I suppose. In my MAC implementation I limit the number of hard links to a file with MAC level more than zero. It was done with the same thought in mind as yours about suidbin. I have to make sure that this file is zero deleted after unlinking. And if I have another copy - it doesn't unlink at all. ;-)

So my proposal is - maybe we should limit the number of hard links on some files?

PS. Sorry for bad English.
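An audit for the situation discussed above, as an added example that is not part of the original message: it walks a directory tree and reports setuid/setgid regular files that have more than one hard link, including how many of those links lie outside the scanned tree. The function name, result layout and default scan root are assumptions made for illustration.

```python
import os
import stat
import sys
from collections import defaultdict


def find_multilinked_setid(root):
    """Return setuid/setgid regular files under root whose link count is > 1.

    Result maps (st_dev, st_ino) to a dict with:
      nlink  - link count recorded in the inode
      paths  - names of that inode found under root (sorted)
      unseen - links that exist somewhere outside the scanned tree
    """
    found = defaultdict(lambda: {"nlink": 0, "paths": []})
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # vanished or unreadable entry
            if not stat.S_ISREG(st.st_mode):
                continue
            if not st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                continue
            if st.st_nlink < 2:
                continue  # a single name: removing it removes the file
            entry = found[(st.st_dev, st.st_ino)]
            entry["nlink"] = st.st_nlink
            entry["paths"].append(path)
    for entry in found.values():
        entry["paths"].sort()
        # Names not seen in this walk survive deletion of everything under root.
        entry["unseen"] = entry["nlink"] - len(entry["paths"])
    return dict(found)


if __name__ == "__main__":
    # Assumed default root; pass another directory as the first argument.
    scan_root = sys.argv[1] if len(sys.argv) > 1 else "/usr"
    for (dev, ino), e in sorted(find_multilinked_setid(scan_root).items()):
        print(f"dev={dev} ino={ino} nlink={e['nlink']} unseen={e['unseen']}")
        for p in e["paths"]:
            print(f"  {p}")
```

A non-zero `unseen` count means some other name for the same inode exists elsewhere on that filesystem, so removing or replacing the file under the scanned tree leaves the old setuid binary reachable.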