Date:      Sun, 14 Mar 1999 00:26:45 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        David Scheidt <dscheidt@enteract.com>
Cc:        The Unicorn <unicorn@blackhats.org>, freebsd-security@FreeBSD.ORG
Subject:   Re: ACLs
Message-ID:  <199903140826.AAA89058@apollo.backplane.com>
References:   <Pine.BSF.4.05.9903140137580.15373-100000@nathan.enteract.com>

::the number of links to the file the inode holds information on. Therefore
::any admin who is worth the money  they receive for doing their task will
::know that if the  number of links to a file is  greater than one another
::hard  link  must  exist.  Searching  the  filesystem  for  another  name
::referring the same inode is then not a really hard thing to do...
::
:
:You have to remember to check, though.  I don't look at the link count every
:time before I rm a file.  There are all sorts of people admining boxes who
:haven't sense to check for this.  I suspect there are lots of otherwise 
:competent people who don't even know to look for this.  Removing the problem
:might be a better solution than trying to educate the world about it. 

    If you have your machine partitioned correctly, you do not generally
    have to worry about hardlinks to system binaries ( suid or otherwise )
    as users do not have access to partitions containing them.

    If you are really worried about it, simply chmod and truncate the file
    before removing it.

    If you are truly paranoid, chmod the file, rewrite the contents with
    garbage, fsync, ( repeat 50 times ), *then* truncate and remove the
    file.

						-Matt
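
Added example, not part of the original message: a POSIX sh sketch of the "chmod and truncate the file before removing it" step, showing that mode bits and contents live in the inode, so any other hard link is left empty and mode 000. The function names and the intermediate chmod 0600 (so a non-root owner can still truncate) are assumptions of this example; the overwrite-and-fsync passes are not included.

```shell
#!/bin/sh
# Neutralise a file before unlinking it, so that any other hard link to the
# same inode is left with no contents and no permissions.

# link_count FILE: print the inode's link count (second field of ls -ld).
link_count() {
    ls -ld -- "$1" | awk '{ print $2 }'
}

# neutralise_and_rm FILE
# Returns 0: removed, no other links existed
#         2: removed, other hard links remain (now empty, mode 000)
#         1: error, nothing removed
neutralise_and_rm() {
    f=$1
    # Act only on regular files; never follow a symlink to something else.
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "neutralise_and_rm: $f: not a regular file" >&2
        return 1
    fi
    links=$(link_count "$f") || return 1

    # 1. chmod: a numeric mode clears setuid/setgid and group/other access.
    #    The bits are stored in the inode, so every link loses them at once.
    chmod 0600 -- "$f" || return 1
    # 2. truncate: the data blocks are released for every name of the inode.
    : > "$f" || return 1
    # 3. leave no permissions at all on whatever names survive.
    chmod 0000 -- "$f" || return 1
    # 4. unlink this name.
    rm -f -- "$f" || return 1

    if [ "$links" -gt 1 ]; then
        echo "neutralise_and_rm: $f: $((links - 1)) other link(s) remain," \
             "now empty and mode 000" >&2
        return 2
    fi
    return 0
}
```

A return status of 2 is the cue to search that filesystem for the remaining names of the inode.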


