Date: Mon, 8 Apr 2002 14:49:15 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: "Kurt J. Lidl" <lidl@pix.net> Cc: Michael Smith <msmith@FreeBSD.ORG>, Doug White <dwhite@resnet.uoregon.edu>, =?cp437?Q?Pawe=B3?= Jakub Dawidek <nick@garage.freebsd.pl>, freebsd-hackers@FreeBSD.ORG Subject: Re: Hardlinks... Message-ID: <20020408194915.GA1749@dan.emsphone.com> In-Reply-To: <20020408144516.B2035@pix.net> References: <20020408113423.Y81506-100000@resnet.uoregon.edu> <200204081841.g38Ifi104580@mass.dis.org> <20020408144516.B2035@pix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Apr 08), Kurt J. Lidl said: > On Mon, Apr 08, 2002 at 11:41:44AM -0700, Michael Smith wrote: > > You could also use this technique to maliciously exhaust a user's > > quota, by linking to their temporary files. I'm not sure what the > > standards have to say about this, but I don't much like the current > > behaviour. > > The truely paranoid ftruncate the file size to zero if the link count > is larger than one. .. or even if isn't, as someone might link it just before you delete it. An attacker can still exhaust your inode quota with 0-length files. I wonder if there is any reason to allow arbitrary hardlinking; maybe only allow linking of files you currently have read access to? Only files that you own? Only allow root to hardlink? How paranoid do you want to be? :) It could always be another sysctl knob. -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020408194915.GA1749>