From owner-freebsd-current  Sun Jun 17 18: 0:26 2001
Delivered-To: freebsd-current@freebsd.org
Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67])
	by hub.freebsd.org (Postfix) with ESMTP id 209A137B406
	for <current@FreeBSD.ORG>; Sun, 17 Jun 2001 18:00:17 -0700 (PDT)
	(envelope-from dillon@earth.backplane.com)
Received: (from dillon@localhost)
	by earth.backplane.com (8.11.3/8.11.2) id f5I106A09487;
	Sun, 17 Jun 2001 18:00:06 -0700 (PDT)
	(envelope-from dillon)
Date: Sun, 17 Jun 2001 18:00:06 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
Message-Id: <200106180100.f5I106A09487@earth.backplane.com>
To: "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc: Jordan Hubbard <jkh@osd.bsdi.com>, bde@zeta.org.au,
	imp@harmony.village.org, steveo@eircom.net, david@catwhisker.org,
	current@FreeBSD.ORG
Subject: Re: symlink(2) [Was: Re: tcsh.cat]
References: <200106170518.f5H5I6V44586@harmony.village.org> <Pine.BSF.4.21.0106172154520.582-100000@besplex.bde.org> <20010617113141A.jkh@osd.bsdi.com> <20010617231418.A60728@nagual.pp.ru> <200106172128.f5HLSe108208@earth.backplane.com> <20010618015913.A45621@nagual.pp.ru> <200106172204.f5HM46608526@earth.backplane.com> <20010618021122.A45861@nagual.pp.ru> <200106180026.f5I0QGR09184@earth.backplane.com> <20010618044330.B54578@nagual.pp.ru>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG


:There is nothing to fix. Sometimes 'make install' instead 'make
:installworld' typed can produce this. Of course, install procedure can be
:complicated to make it foolprof, but I think the system must be fixed
:instead to not resolve illegal names. It is not good idea to
:produce workarounds of illegal names out of the system.
:
:-- 
:Andrey A. Chernov

    Ok, I took a look at Bruce's original example, which is:

    ln -s "" X

    If you were to then do something like "ls -la X/." you would get
    the root directory, and "ls -la X/" tries to list the current 
    directory, and "cp -r X Y" tries to recursively copy the current
    directory, and fails.

    I think we can safely disallow path lookups going through empty symlinks
    (i.e. at the time of the open(), lstat(), etc...), but we should not 
    go changing the "ln" command or the symlink() system call.

    In regards to Bruce's second example:

	$ rm -f foo
	$ ln -s /nonesuch foo
	$ cp foo bar

    Well, ok, if what the symlink points to does not exist 'cp' goes and 
    copies the symlink instead.  This seems harmless to me.

    I still don't see how any of this is a security issue, though.

						-Matt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message