Re: hardlinks.... sucks... ;-(
Krzysztof G. Baranowski (kgb@manjak.knm.org.pl)
Mon, 29 Dec 1997 17:01:11 +0100 (MET)
While testing the million monkey theory, Yuri Kuzmenko said:
>Disabling of hardlink for non-readable file not help for this situation ;-( I
>will create the patch for disable user hardlinks for not-owned files. But
>there is _UGLY_ patch. I look for better solution. Help me, pls.
IMHO this is a Good Way(tm). You did almost the same thing that
Solar Designer had done long time ago. I'm talking about his
linux-stack-symlink patch. I think there should be SECURITY
section in kernel config, with stack-non-exec, symlink patches etc.
Of course marked as experimental and with proper warnings.
Are there any chances to have this or shall we wait for 2.3
series ? Comments, flames ?
Cheers,
Kris
--
Krzysztof G. Baranowski - President of the Harmless Manyacs' Club
"Ex sysadmin, ex kernel hacker, luser again: How to copy a file ?"
http://www.knm.org.pl/ <prezes@manjak.knm.org.pl>
Your patch on 2.1.76:
--- namei.c.orig Mon Dec 29 16:31:37 1997
+++ namei.c Mon Dec 29 16:41:52 1997
@@ -1168,6 +1168,13 @@
if (!old_dentry->d_inode)
goto exit_lock;
+ if ((old_dentry->d_inode->i_uid != current->euid) &&
+ (old_dentry->d_inode->i_gid != current->egid)) {
+ dput(old_dentry);
+ printk("*** Security warning: UID %lu try to make the hardlink from foreign file \"%s\" to \"%s\"\n",(unsigned long)current->euid,oldname,newname);
+ return -EPERM;
+ }
+
error = permission(old_dir->d_inode,MAY_WRITE | MAY_EXEC);
if (error)
goto exit_lock;