Date: Wed, 28 Feb 1996 18:35:36 +1030 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: nlawson@kdat.csc.calpoly.edu (Nathan Lawson) Cc: newton@communica.com.au, security@freebsd.org Subject: Re: Suspicious symlinks in /tmp Message-ID: <199602280805.SAA16934@genesis.atrad.adelaide.edu.au> In-Reply-To: <199602272055.MAA15968@kdat.calpoly.edu> from "Nathan Lawson" at Feb 27, 96 12:55:45 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Nathan Lawson stands accused of saying: > > > > So: Not only does it not matter who owns the symlink, it also doesn't > > matter how it is chmod'ed. You can set its permissions to rwxrwxrwx > > without making a spot of difference to the accessibility of the file > > it's pointing at. > > Yes, but let's say Joe User tries out the ln -s command. Now he can't delete > his symlink. This behavior is broken. A user should not be able to create > any type of file, whether a symlink or just a normal file, that is owned > by another user. How's that supposed to work? To create it, he has to have write permissions in the destination directory; the same are required to delete it. > Like I said before, how about a justification as to the usefullness of this > behavior? I've already provided one annoying result of it. You haven't. The alternative behaviour would allow a user to create a symlink to a protected file, change the permissions on the link, and thus access the file. Lose lose lose. Think of symlinks as a redirection, not a second instance of the file (contrast hard links). > Nate Lawson -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602280805.SAA16934>