> as a normal user, the system lets me do this:
>
> ln /etc/shadow /tmp/testfile
>
> it then creates testfile as the same permissions and ownership of
> /etc/shadow, thus i still cannot read it, but should it really be letting
> me do this? Also, after i create the file, i cannot remove it (since i do
> not own it). Should it really be doing this?
>
If I was being cruel I would tell you to read a book on UNIX, or go see
comp.unix.answers (or whatever its called.) This is not a Linux question -
certainly not a Linux kernel question. Instead, I'll try to explain.
When you run 'ln' you create a new directory entry to an existing file.
In order to do this, you only need permissions in the directories
involved. You don NOT create a new inode for the file, and thus you
cannot affect the permissions or ownership of the file.
You say you cannot delete the file because you don't own it. Bet
you can - again, it is only the directory permissions that are
interesting, not the file permissions.
BUT..... and its a big but, if you created the link in a directory
like '/tmp' which has permissions like:
drwxrwsrwt
the you won't be able to delete it after all. The final 't' in these
permissions is magic, and says that in this directory, only the
owner is allowed to delete files (otherwise everybody could screw
everybody else up by deleting each other's tmp files.)
Did that make sense? What you are experiencing is correct UNIX practice.
A lot of people who are new to UNIX (I'm not saying you're a newbie,
but you obviously weren't aware of this) don't fully grasp the permissions
stuff, and think they have discovered huge security holes in UNIX. They
haven't! Its designed that way. Its a feature not a bug.
-Andy
Andy Walker Kvaerner Engineering a.s.
Andrew.Walker@lysaker.kvaerner.no P.O. Box 222, N-1324 Lysaker, Norway
......if the answer isn't violence, neither is your silence......
(pwei barmy army - oslo "filial")