Re: [PATCH] Filesystem linking protections

From: Chris Wright
Date: Mon Feb 07 2005 - 14:15:19 EST

Next message: blaisorblade: "[patch 1/2] uml - kbuild: add further cleaning [before 2.6.11]"
Previous message: Dmitry Torokhov: "Re: [ATTN: Dmitry Torokhov] About the trackpad and 2.6.11-rc[23] but not -rc1"
In reply to: Lorenzo Hernández García-Hierro: "[PATCH] Filesystem linking protections"
Next in thread: Lorenzo Hernández García-Hierro: "Re: [PATCH] Filesystem linking protections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Lorenzo Hernández García-Hierro (lorenzo@xxxxxxx) wrote:
> This patch adds two checks to do_follow_link() and sys_link(), for
> prevent users to follow (untrusted) symlinks owned by other users in
> world-writable +t directories (i.e. /tmp), unless the owner of the
> symlink is the owner of the directory, users will also not be able to
> hardlink to files they do not own.
>
> The direct advantage of this pretty simple patch is that /tmp races will
> be prevented.

The disadvantage is that it can break things and places policy in the
kernel.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: blaisorblade: "[patch 1/2] uml - kbuild: add further cleaning [before 2.6.11]"
Previous message: Dmitry Torokhov: "Re: [ATTN: Dmitry Torokhov] About the trackpad and 2.6.11-rc[23] but not -rc1"
In reply to: Lorenzo Hernández García-Hierro: "[PATCH] Filesystem linking protections"
Next in thread: Lorenzo Hernández García-Hierro: "Re: [PATCH] Filesystem linking protections"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]