Date: Mon, 15 Mar 1999 19:45:37 +1000 From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> To: freebsd-security@FreeBSD.ORG Subject: Re: ACL's Message-ID: <99Mar15.193324est.40331@border.alcanet.com.au>
next in thread | raw e-mail | index | archive | help
James Wyatt <jwyatt@RWSystems.net> wrote: >Anyone else remember the UseNet wag who said "Symlinks can turn your >filesystem tree into a bramblebush."? Rich Salz, perhaps? - Jy@ There's also `symbolic links: GOTO's for filesystems'. Unfortunately, I don't remember the attribution. patl@phoenix.volant.org wrote: > (It can >detect a lost race condition by opening the file, doing the unlink, >then checking the link count on the open fd before closing.) And if this check fails, what should it do? It can't replace the link. Robert Watson <robert@cyrus.watson.org> wrote: >The s/owned/writable by/ change suggested sounds reasonable also. I >update my request for broken features and/or security holes given this >change: > >link(thefile, newname) will succeed only if open(thefile, O_RDWR) would >have succeeded, and if open(newname, O_CREAT, 0) would have succeeded. This sounds much better than my suggestion to chmod the file. I can't think of any breakage offhand. Peer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99Mar15.193324est.40331>