cvs commit: src/sys/kern vfs_syscalls.c
Pawel Jakub Dawidek
pjd at FreeBSD.org
Mon Mar 8 14:54:38 PST 2004
On Mon, Mar 08, 2004 at 08:43:36PM +0000, David Malone wrote:
+> On Mon, Mar 08, 2004 at 12:37:26PM -0800, Pawel Jakub Dawidek wrote:
+> > - security.bsd.hardlink_check_uid, when set, means, that unprivilege
+> > users are not permitted to create hard links to files not
+> > owned by them,
+> > - security.bsd.hardlink_check_gid, when set, means, that unprivilege
+> > users are not permitted to create hard links to files owned
+> > by group they don't belong to.
+>
+> Neat! I'd done something like this years ago, but couldn't figure
+> out if this should be enforced by syscall code or filesystem code.
+> I think that NFS was the main place that this made a difference, so
+> I wonder if the NFS server should know about these sysctls?
Hmm, because it is on syscall level it works for NFS mounted partitions.
If you're talking about enforcing it on NFS server side, I don't think
it really matters.
--
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd at FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20040308/4b57ec98/attachment.bin
More information about the cvs-src
mailing list