From owner-cvs-all@FreeBSD.ORG Mon Mar 8 14:54:37 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD96D16A4CE; Mon, 8 Mar 2004 14:54:37 -0800 (PST) Received: from darkness.comp.waw.pl (unknown [195.117.238.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7D45D43D2D; Mon, 8 Mar 2004 14:54:37 -0800 (PST) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 02396AEA56; Mon, 8 Mar 2004 23:54:34 +0100 (CET) Date: Mon, 8 Mar 2004 23:54:34 +0100 From: Pawel Jakub Dawidek To: David Malone Message-ID: <20040308225434.GQ10864@darkness.comp.waw.pl> References: <200403082037.i28KbQ2M041691@repoman.freebsd.org> <20040308204336.GA7261@walton.maths.tcd.ie> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Dxzxec4+BSbG6TGA" Content-Disposition: inline In-Reply-To: <20040308204336.GA7261@walton.maths.tcd.ie> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: cvs-src@FreeBSD.org cc: src-committers@FreeBSD.org cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern vfs_syscalls.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Mar 2004 22:54:37 -0000 --Dxzxec4+BSbG6TGA Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 08, 2004 at 08:43:36PM +0000, David Malone wrote: +> On Mon, Mar 08, 2004 at 12:37:26PM -0800, Pawel Jakub Dawidek wrote: +> > - security.bsd.hardlink_check_uid, when set, means, that unp= rivilege +> > users are not permitted to create hard links to file= s not +> > owned by them, +> > - security.bsd.hardlink_check_gid, when set, means, that unp= rivilege +> > users are not permitted to create hard links to file= s owned +> > by group they don't belong to. +>=20 +> Neat! I'd done something like this years ago, but couldn't figure +> out if this should be enforced by syscall code or filesystem code. +> I think that NFS was the main place that this made a difference, so +> I wonder if the NFS server should know about these sysctls? Hmm, because it is on syscall level it works for NFS mounted partitions. If you're talking about enforcing it on NFS server side, I don't think it really matters. --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --Dxzxec4+BSbG6TGA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFATPmqForvXbEpPzQRArCaAJ9vqCTJ9TNI4OfXiIZzeH9+D9b+pgCeMnwr SIu10xxgglCohGKwwMI9wO8= =gdrg -----END PGP SIGNATURE----- --Dxzxec4+BSbG6TGA--