[patch] rm can have undesired side-effects
Kostik Belousov
kostikbel at gmail.com
Sun Nov 5 06:10:03 UTC 2006
On Sun, Nov 05, 2006 at 05:28:32AM +0100, Joerg Pernfuss wrote:
> And I still have no idea why ln(1) allows links to files the user has
> no access rights whatsoever, in a directory the owner of the file
> has no access to in the first place. And what happens when I link the
> 0600 file state_secret.doc that is owned by someone else, into a
> directory I own and set SUIDDIR? Will that then be my file and the
> original owner will be denied access on his link to the file?
> (yes, kernel support required, i know. but it would be fun.)
>
You could use security.bsd.hardlink_check_uid and
security.bsd.hardlink_check_gid sysctls to control this. By default,
they are disabled.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20061105/c8d6a0a9/attachment.pgp
More information about the freebsd-hackers
mailing list