From: "Georg-W. Koltermann"
To: Pawel Jakub Dawidek
Cc: freebsd-security@freebsd.org
Subject: Re: Call for review: restricted hardlinks.
Date: Mon, 08 Mar 2004 22:10:38 +0100
Message-Id: <1078780238.1937.11.camel@localhost.muc.eu.mscsoftware.com>
In-Reply-To: <20040308093642.GI10864@darkness.comp.waw.pl>
References: <20040308093642.GI10864@darkness.comp.waw.pl>

When you restrict links, do you want to restrict copying as well?

Seems somewhat paranoid to me. You already need write permission on the
directory where you create the link, and permissions are checked against
the inode on open(2) anyway.

My $0.0002.

--
Regards,
Georg.

On Mon, 08.03.2004 at 10:36, Pawel Jakub Dawidek wrote:
> Hi.
>
> I've no response from so@ in this topic, probably because of lack of time,
> so I'll try here.
>
> Here is a patch that I'm planning to commit:
>
> http://people.freebsd.org/~pjd/patches/restricted_hardlinks.patch
>
> It adds two new sysctls:
>
> security.bsd.hardlink_check_uid
> security.bsd.hardlink_check_gid
>
> If sysctl security.bsd.hardlink_check_uid is set to 1, unprivileged users
> are not permitted to create hard links to files not owned by them.
> If sysctl security.bsd.hardlink_check_gid is set to 1, unprivileged users
> are not permitted to create hard links to files if they are not a member
> of the file's group.
>
> For now a user is able to create hardlinks to any files.
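
The policy the two proposed sysctls describe, written out as an added example that is not part of the original mail or of the linked patch: a userland C model of the decision, showing how the uid and gid checks combine and that privileged callers are exempt. The names `cred_model`, `link_policy`, `hardlink_allowed` and the sample caller are hypothetical, and treating uid 0 as "privileged" is an assumption.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical userland model of a caller; not a kernel structure. */
struct cred_model {
    uid_t uid;            /* assumption: uid 0 stands for "privileged" */
    const gid_t *groups;  /* primary plus supplementary groups */
    size_t ngroups;
};
/* Hypothetical mirror of the two proposed sysctl values. */
struct link_policy {
    bool check_uid;       /* security.bsd.hardlink_check_uid */
    bool check_gid;       /* security.bsd.hardlink_check_gid */
};
/* Constructed sample caller: uid 1001, member of groups 1001 and 20. */
static const gid_t sample_groups[] = { 1001, 20 };
static const struct cred_model sample_user = { 1001, sample_groups, 2 };

static bool group_member(const struct cred_model *c, gid_t gid)
{
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == gid)
            return true;
    return false;
}

/* Returns 0 if the link may be created, EPERM if the policy refuses it.
 * file_uid/file_gid belong to the existing file being linked to. */
int hardlink_allowed(const struct link_policy *p, const struct cred_model *c,
                     uid_t file_uid, gid_t file_gid)
{
    if (c->uid == 0)                          /* privileged: exempt */
        return 0;
    if (p->check_uid && c->uid != file_uid)   /* not the file's owner */
        return EPERM;
    if (p->check_gid && !group_member(c, file_gid))
        return EPERM;                         /* not in the file's group */
    return 0;
}

int main(void)
{
    struct link_policy both = { true, true };
    printf("%d\n", hardlink_allowed(&both, &sample_user, 0, 0));
    return 0;
}
```

With both checks enabled the caller must own the file and also belong to its group; with both at 0 the model allows every link, matching the current behaviour the mail describes.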