From owner-cvs-sys Tue Apr 1 13:59:44 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA04853 for cvs-sys-outgoing; Tue, 1 Apr 1997 13:59:44 -0800 (PST) Received: from sovcom.kiae.su (sovcom.kiae.su [193.125.152.1]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA04841; Tue, 1 Apr 1997 13:59:36 -0800 (PST) Received: by sovcom.kiae.su id AA15662 (5.65.kiae-1 ); Wed, 2 Apr 1997 00:51:24 +0300 Received: by sovcom.KIAE.su (UUMAIL/2.0); Wed, 2 Apr 97 00:51:24 +0300 Received: (from ache@localhost) by nagual.ru (8.8.5/8.8.5) id BAA00724; Wed, 2 Apr 1997 01:46:42 +0400 (MSD) Date: Wed, 2 Apr 1997 01:46:39 +0400 (MSD) From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= To: Peter Wemm Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-sys@freefall.freebsd.org Subject: Re: cvs commit: src/sys/kern vfs_syscalls.c src/sys/ufs/ufs ufs_lookup.c ufs_vnops.c In-Reply-To: <199703311814.CAA16522@spinner.DIALix.COM> Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-sys@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 1 Apr 1997, Peter Wemm wrote: > Yes, it could be done if chflags() was changed to not follow symlinks, or > by creating lchflags(). Both options are easy, it probably makes sense to be > able to create an unchangeable symlink, especially for a system with > securelevel > 0. I asked about this before, I think. Also, Bruce > mentioned flags too. > > For consistancy, lchflags() would be best, but I wonder if we can have > syscalls > 256 - because the rate that they are being used up between the > three *BSD projects, we're going to have find out.. I think chflags() must _not_ follow symlink. This call related to security and links can evilly points everywhere forcing root for unwanted actions. F.e. you do "chflags -R /dir" and bad guy place symlink to another dir there... -- Andrey A. Chernov http://www.nagual.ru/~ache/