Date: Mon, 15 Mar 1999 10:08:16 -0700 (MST) From: Paul Hart <hart@iserver.com> To: David Scheidt <dscheidt@enteract.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ACLs Message-ID: <Pine.BSF.3.96.990315092531.7422E-100000@anchovy.orem.iserver.com> In-Reply-To: <Pine.BSF.4.05.9903140137580.15373-100000@nathan.enteract.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 14 Mar 1999, David Scheidt wrote: > You have to remeber to check, though. I don't look at the link count every > time before I a rm a file. There are all sorts of people admining boxes who > haven't sense to check for this. I suspect there are lots of otherwise > competent people who don't even know to look for this. Removing the problem > might be a better solution than trying to educate the world about it. But that assumes that hard links are always a problem in the first place, which is just not true. Is it really too hard to do a chmod 0 on a SUID binary before removing it? No useful race conditions, no possibility of privilege hijacking through keeping a covert link to the binary that I can see. As was mentioned about these types of admins, "holding their hand by duct-taping foam rubber over a couple of sharp edges isn't doing them any favors at all." I will concede that I am a UNIX purist. Discussion of removing a very useful and long-standing ability of UNIX just because novice admins might not understand it doesn't fly with me. It's kind of like someone saying "oh, using file modes to mark programs as executable is too hard to understand for UNIX novices -- let's make it so that every executable in FreeBSD has to have a filename that ends in '.exe' and that way we can do away with the execute bits in file modes." Would I be the only person that found idea that horribly repulsive? > Programs which do different things depending on the name they are invoked > under is not a feature. I've always thought this was kind of clever, myself. Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990315092531.7422E-100000>