From owner-freebsd-hackers Wed Feb 22 13:29:55 1995
From: Ollivier Robert
Message-Id: <199502222038.VAA18483@keltia.frmug.fr.net>
Subject: Symbolic links in dirs with 't' bit ???
To: hackers@FreeBSD.org
Date: Wed, 22 Feb 1995 21:37:59 +0100 (MET)
Reply-To: roberto@blaise.ibp.fr (Ollivier Robert)
X-Operating-System: FreeBSD 2.1.0-Development ctm#373

He's right, I do not think it is a good behaviour of symlinks... You
should be able to delete any file/link you've created in a public
directory.

------- start of forwarded message -------
Newsgroups: comp.os.386bsd.bugs,comp.os.386bsd.questions,comp.security.unix
From: bag@monolit.kiev.ua (Andrey Blochintsev)
Subject: Symbolic links in dirs with 't' bit ???
Organization: CS/MONOLIT Network Centre
Date: Wed, 22 Feb 1995 16:27:26 GMT

The FreeBSD 2.0 man page for symlink(7) says:

| Unlike other filesystem objects, symbolic links do not have an owner,
                                                                 ^^^^^
| group, permissions, access and modification times, etc. The only
| attributes returned from an lstat(2) that refer to the symbolic link
| itself are the file type (S_IFLNK), size, blocks, and link count
| (always 1). The other attributes are filled in from the directory that
| contains the link. For portability reasons, you should be aware that
| other implementations (including historic implementations of 4BSD),
| implement symbolic links such that they have the same attributes as
| any other file.

In many Unixes, directories for temporary files (/tmp, /var/tmp) have
permissions like this:

drwxrwxrwt 12 root wheel 512 Feb 22 17:16 /tmp
         ^ Sticky bit set.

This means that a user can delete (or rename) a file from this directory
only if he has write access to this directory and he is an owner of this
file (the last condition is changed to 'has write access to the file' in
some Unixes).

FreeBSD-2.0's realization of symlinks allows symlink creation in any
directory writable by the user, but doesn't always allow removing it.
For example:

bag@im /tmp > make file
bag@im /tmp > ln -s file symlink
bag@im /tmp > ls -laFgd /tmp
-rw-r--r--  1 bag   wheel  11604 Feb 22 17:15 /tmp/file
lrwxrwxrwt  1 root  wheel      4 Feb 22 17:16 /tmp/symlink@ -> file
drwxrwxrwt 12 root  wheel    512 Feb 22 17:16 /tmp/
bag@im /tmp > rm file symlink
rm: symlink: operation not permitted

This problem can be solved if I remove the 't' bit from all directories
(or hack the kernel to disable the 't' bit), but this also decreases the
security of the system.

So, must symlink owner and group be reinserted into the system?

Any suggestion is appreciated.

Andrey
------- end of forwarded message -------

-- 
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
FreeBSD keltia 2.1.0-Development #9: Sat Feb 18 19:21:00 MET 1995
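
Added example (not part of the original message and not FreeBSD source): a small C model of the sticky-directory removal rule discussed above, comparing a symlink whose lstat(2) owner and mode are filled in from the directory with one that records its creator. The struct, the function names and uid 1001 are constructed for illustration; that the directory owner and the superuser may also remove entries is the usual sticky-bit rule and is an assumption here.

```c
#include <stdbool.h>
#include <stdio.h>

#define MODE_STICKY 01000u   /* the 't' bit (S_ISVTX) */
#define PERM_MASK   07777u

/* Owner and permission bits as lstat(2) would report them (illustrative). */
struct entry { unsigned uid; unsigned mode; };

/* Quoted symlink(7) behaviour: the link has no owner of its own, so the
 * owner and mode are filled in from the containing directory. */
static struct entry lstat_inherited(struct entry dir) {
    struct entry e = { dir.uid, dir.mode & PERM_MASK };
    return e;
}

/* Alternative raised in the post: the link records its creator. */
static struct entry lstat_owned(unsigned creator) {
    struct entry e = { creator, 0777u };
    return e;
}

/* Sticky-directory removal rule; the caller is assumed to already have
 * write permission on the directory. */
static bool may_remove(struct entry dir, struct entry target, unsigned caller) {
    if (caller == 0) return true;                   /* superuser */
    if (!(dir.mode & MODE_STICKY)) return true;     /* no 't' bit */
    return caller == target.uid || caller == dir.uid;
}

int main(void) {
    struct entry tmp = { 0, 01777u };               /* drwxrwxrwt root */
    unsigned bag = 1001;                            /* constructed uid */
    struct entry file = { bag, 0644u };
    printf("rm file:               %s\n", may_remove(tmp, file, bag) ? "ok" : "EPERM");
    printf("rm symlink, inherited: %s\n", may_remove(tmp, lstat_inherited(tmp), bag) ? "ok" : "EPERM");
    printf("rm symlink, owned:     %s\n", may_remove(tmp, lstat_owned(bag), bag) ? "ok" : "EPERM");
    return 0;
}
```

With inherited attributes the link in a root-owned sticky /tmp reports root as owner, so its creator fails the ownership test, which matches the "operation not permitted" in the transcript.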