Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 08 Apr 2002 15:40:00 -0700
From:      Terry Lambert <tlambert2@mindspring.com>
To:        Michael Smith <msmith@freebsd.org>
Cc:        Doug White <dwhite@resnet.uoregon.edu>, "=?iso-8859-1?Q?Pawe=B3?= Jakub   Dawidek" <nick@garage.freebsd.pl>, freebsd-hackers@FreeBSD.ORG
Subject:   Re: Hardlinks...
Message-ID:  <3CB21C40.A62B442@mindspring.com>
References:  <200204081841.g38Ifi104580@mass.dis.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Michael Smith wrote:
> You misunderstand the original poster's complaint.
> 
> The issue is that a non-owner can cause the owner's file to remain alive
> even after the owner has deleted it.  Hence the comment about "later
> breakin".
> 
> You could also use this technique to maliciously exhaust a user's quota,
> by linking to their temporary files.  I'm not sure what the standards
> have to say about this, but I don't much like the current behaviour.

I think that making the links in temporary directories should
not be allowed, by dint of the t bit in the user of the
directory in which the file is being created.

I think the problem with someone else making a link to my
file and keeping it around is an issue of access controls
to the file itself, and not really a problem: e.g. if you
want to avoid it, don't rely on obscurity, and don't permit
exterior access to the files.

Actually, people have complained about not having a "flink(2)"
call to create a directory entry for an open file.  I think
if this were there, then the problem would be genuine; but
without it, it's a matter of controlling access to the files.

I wouldn't be opposed to a patch that prevented creation of
links to files you don't own, if the 't' bit were set on the
wource or destination directory, but which would permit the
operation otherwise.

I think a patch that disallowed it entirely would break
/var/spool/lock based locking.  8-(.

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CB21C40.A62B442>