From owner-freebsd-hackers  Mon Apr  8 11:37:16 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.122.47])
	by hub.freebsd.org (Postfix) with ESMTP id 761B537B404
	for <freebsd-hackers@FreeBSD.ORG>; Mon,  8 Apr 2002 11:37:12 -0700 (PDT)
Received: from localhost (dwhite@localhost)
	by resnet.uoregon.edu (8.11.3/8.10.1) with ESMTP id g38Ibcw81942;
	Mon, 8 Apr 2002 11:37:38 -0700 (PDT)
Date: Mon, 8 Apr 2002 11:37:38 -0700 (PDT)
From: Doug White <dwhite@resnet.uoregon.edu>
To: =?ISO-8859-2?Q?Pawe=B3_Jakub_Dawidek?= <nick@garage.freebsd.pl>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: Hardlinks...
In-Reply-To: <20020408200034.C5952@garage.freebsd.pl>
Message-ID: <20020408113423.Y81506-100000@resnet.uoregon.edu>
X-All-Your-Base: are belong to us
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: 8BIT
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Mon, 8 Apr 2002, [ISO-8859-2] Paweł Jakub Dawidek wrote:

> Simple example why I think that only owner should have permission to create
> hardlinks to his files.
>
> First.
> leila:root:~# ls -l /root/very-secret-file
> -rw------  1 root  wheel  3011 13 Lut 16:47 /root/very-secret-file
>
> leila:evil-hacker:~> ln /root/very-secret-file ~/whatsthis
>
> <I need remove it fast!!!>
> leila:root:~# rm -f /root/very-secret-file

I see you forgot to 'ls -l' the resultant link ... you'll find that it has
the same permissions and ownership as the original file. Oops.

(this is not a great example. I've rearranged the commands for
illustration purposes which is why the history #s bounce around.)

wade,ttyp3,~,11>id
uid=1000(dwhite) gid=1000(dwhite) groups=1000(dwhite), 0(wheel),
5(operator), 68(dialer), 88(mysql), 998(cvs)
wade,ttyp3,~,17>ls -l /root/bin
total 2
-rwxr-xr-x  2 root  wheel  186 Feb 14  2001 copykeys.sh*
-rwxr-xr-x  1 root  wheel  186 Feb 15  2001 copykeysfd.sh*
wade,ttyp3,~,13>ln /root/bin/copykeys.sh foobaz.sh
wade,ttyp3,~,15>ls -l foobaz.sh
-rwxr-xr-x  2 root  wheel  186 Feb 14  2001 foobaz.sh*
wade,ttyp3,~,16>ls -l /root/bin/copykeys.sh
-rwxr-xr-x  2 root  wheel  186 Feb 14  2001 /root/bin/copykeys.sh*

Doug White                    |  FreeBSD: The Power to Serve
dwhite@resnet.uoregon.edu     |  www.FreeBSD.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message