Date: Wed, 2 Apr 1997 01:46:39 +0400 (MSD) From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru> To: Peter Wemm <peter@spinner.dialix.com> Cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-sys@freefall.freebsd.org Subject: Re: cvs commit: src/sys/kern vfs_syscalls.c src/sys/ufs/ufs ufs_lookup.c ufs_vnops.c Message-ID: <Pine.BSF.3.96.970402014340.712A-100000@nagual.ru> In-Reply-To: <199703311814.CAA16522@spinner.DIALix.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Apr 1997, Peter Wemm wrote: > Yes, it could be done if chflags() was changed to not follow symlinks, or > by creating lchflags(). Both options are easy, it probably makes sense to be > able to create an unchangeable symlink, especially for a system with > securelevel > 0. I asked about this before, I think. Also, Bruce > mentioned flags too. > > For consistancy, lchflags() would be best, but I wonder if we can have > syscalls > 256 - because the rate that they are being used up between the > three *BSD projects, we're going to have find out.. I think chflags() must _not_ follow symlink. This call related to security and links can evilly points everywhere forcing root for unwanted actions. F.e. you do "chflags -R /dir" and bad guy place symlink to another dir there... -- Andrey A. Chernov <ache@null.net> http://www.nagual.ru/~ache/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970402014340.712A-100000>