Re: Symlink security...

Richard Gooch (rgooch@atnf.CSIRO.AU)
Sun, 25 Jan 1998 18:57:21 +1100


James Mastros writes:
> I'm currently writing a patch to have owners and permissions affect
> symlinks...
>
> Here are the semantics I'm looking at:
> read -- allow readlink
> write -- can change the destination
> execute -- can follow
>
> I am uncertain what meaning the sticky bit should have (if any), and I'm not
> going to attempt to implement setuid/setgid, as I would probably introduce
> security holes...
>
> I have some questions:
> 1) How is a link written to (in userspace)? (Is there any way to do so, at
> present, without removing the link and recreating it?)
> 2) Should I change chmod to not follow links, or should I make a lchown call?

I think you really mean "should I make a lchmod call". I urge you to
do that, rather than change chmod(2) to affect the link. We now have
chown(2) and lchown(2) (whoever did that: thank you), and standard
behaviour for chmod(2) is to follow the link.
So, please, create lchmod(2).

Regards,

Richard....
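
The chmod(2) behaviour discussed in this thread, as an added example that is not part of the original message: calling chmod(2) on a symlink changes the target's mode and leaves the link's own lstat(2) mode untouched. The function name and the temporary paths are constructed for the demonstration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns the target's permission bits after chmod(2) is called on a
 * symlink pointing at it; -1 on setup failure, -2 if the link's own
 * lstat(2) mode changed. All paths are constructed for this demo. */
int chmod_via_symlink(void)
{
    char dir[] = "/tmp/lchmod-demo-XXXXXX";
    char target[64], lnk[64];
    struct stat before, after, tgt;
    FILE *f;
    int rc = -1;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);

    if ((f = fopen(target, "w")) == NULL)
        goto out;
    fclose(f);
    if (chmod(target, 0600) != 0 || symlink(target, lnk) != 0)
        goto out;
    if (lstat(lnk, &before) != 0)      /* mode of the link itself */
        goto out;
    if (chmod(lnk, 0644) != 0)         /* chmod(2) follows the link */
        goto out;
    if (lstat(lnk, &after) != 0 || stat(target, &tgt) != 0)
        goto out;
    rc = (before.st_mode == after.st_mode) ? (int)(tgt.st_mode & 07777) : -2;
out:
    unlink(lnk);
    unlink(target);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int mode = chmod_via_symlink();
    if (mode < 0)
        return 1;
    printf("target mode after chmod(link, 0644): %o\n", (unsigned)mode);
    return 0;
}
```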