Date: Sun, 14 Mar 1999 16:35:50 -0500 From: Jared Mauch <jared@puck.Nether.net> To: Wilfredo Sanchez <wsanchez@apple.com> Cc: Robert Watson <robert+freebsd@cyrus.watson.org>, Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>, freebsd-security@FreeBSD.ORG Subject: Re: ACL's Message-ID: <19990314163550.C20987@puck.nether.net> In-Reply-To: <199903142128.NAA10220@scv2.apple.com>; from Wilfredo Sanchez on Sun, Mar 14, 1999 at 01:28:52PM -0800 References: <wque1H200Uw_0CHFc0@andrew.cmu.edu> <199903142128.NAA10220@scv2.apple.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 14, 1999 at 01:28:52PM -0800, Wilfredo Sanchez wrote: > | BTW, I'd really like to get rid of hard links -- they allow users to > | retain copies of setuid files after the owner thinks they are deleted. > | I.e., user creates a hard link to /usr/sbin/somesetuidbin to > | /usr/tmp/mytemp. Now the admin upgrades the machine, thinking > they have > | removed the risk of the now known buggy somesetuidbin. > > Is there any reason (other than "it always has been so") why users > should be allowed to create hard links to files they don't own? I personally can't think of one. What would be interesting would be to see a kernel option for it, have some folks test it, and see what might break from this going on. - Jared -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990314163550.C20987>