Re: Proposal: restrict link(2)

Harald Koenig (koenig@tat.physik.uni-tuebingen.de)
Fri, 13 Dec 1996 10:39:02 +0100 (MET)


> > Now, like I said, do we _REALLY_ like the connotations of being able to link
> > (and therefore modify) files that we don't have write permissions to?
>
> "And therefore modify?" I get the impression that some of the people
> who are arguing about this don't at all understand the semantics of
> link().

I get the impression that you don't read arguments of other people ?!

> If you link /etc/shadow to /tmp/shadow, you have done none of the
> following:
>
> * changed the permissions of /tmp/shadow
> * changed the owner or group owner of /tmp/shadow
>
> Not only have you not changed those, you cannot change those. You have
> created another reference to the inode, and that's all.

a hard link for non-owned files will

* clobber other users' disk quotas, disk usage and disk space accounting etc.
* show them as "real" files in areas (e.g. /tmp) where they can be
tampered with by some broken SUID programs

there are some drawbacks to allowing hard links to files of other users
and no one had mentioned any real use or benefit of this "feature" so far.

just "all others do the same" and "it has been the same all the time"
are no good arguments IMHO...

Harald

--
All SCSI disks will from now on                     ___       _____
be required to send an email notice                0--,|    /OOOOOOO\
24 hours prior to complete hardware failure!      <_/  /  /OOOOOOOOOOO\
                                                    \  \/OOOOOOOOOOOOOOO\
                                                      \ OOOOOOOOOOOOOOOOO|//
Harald Koenig,                                         \/\/\/\/\/\/\/\/\/
Inst.f.Theoret.Astrophysik                              //  /     \\  \
koenig@tat.physik.uni-tuebingen.de                     ^^^^^       ^^^^^
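
Added example (not part of the message above or of any code from the thread): a C sketch of the two points argued here. A second name made with link() shares the inode, owner and mode of the first, and a program working in a shared directory such as /tmp can refuse files that are not owned by the expected user or that have more than one name. The names open_private_file and link_demo are hypothetical, and the scratch directory is constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): open `path` only if it is a
 * regular file owned by `owner` with exactly one name; otherwise return -1. */
int open_private_file(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDWR | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* fstat() the descriptor so the check applies to the inode we opened. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: returns 1 when the second name shares inode, owner
 * and mode with the first and the helper then refuses it; -1 on setup error. */
int link_demo(void)
{
    char dir[] = "/tmp/linkdemoXXXXXX", a[64], b[64];
    struct stat sa, sb;
    int fd, ok = -1;
    if (!mkdtemp(dir))
        return -1;
    snprintf(a, sizeof a, "%s/orig", dir);
    snprintf(b, sizeof b, "%s/alias", dir);
    fd = open(a, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd >= 0 && close(fd) == 0 &&
        (fd = open_private_file(a, geteuid())) >= 0 && close(fd) == 0 &&
        link(a, b) == 0 && stat(a, &sa) == 0 && stat(b, &sb) == 0)
        ok = sa.st_ino == sb.st_ino && sa.st_uid == sb.st_uid &&
             sa.st_mode == sb.st_mode && sb.st_nlink == 2 &&
             open_private_file(b, geteuid()) < 0;
    unlink(a);
    unlink(b);
    rmdir(dir);
    return ok;
}

int main(void) { return link_demo() == 1 ? 0 : 1; }
```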