Date: Sun, 14 Mar 1999 13:28:52 -0800 From: Wilfredo Sanchez <wsanchez@apple.com> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Thomas Valentino Crimi <tcrimi+@andrew.cmu.edu>, freebsd-security@FreeBSD.ORG Subject: Re: ACL's Message-ID: <199903142128.NAA10220@scv2.apple.com> In-Reply-To: <wque1H200Uw_0CHFc0@andrew.cmu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
| BTW, I'd really like to get rid of hard links -- they allow users to | retain copies of setuid files after the owner thinks they are deleted. | I.e., user creates a hard link to /usr/sbin/somesetuidbin to | /usr/tmp/mytemp. Now the admin upgrades the machine, thinking they have | removed the risk of the now known buggy somesetuidbin. Is there any reason (other than "it always has been so") why users should be allowed to create hard links to files they don't own? -Fred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903142128.NAA10220>