In the last Unix-like file system implementation I worked on, we specifically
prevented open(.., O_CREAT...) from following trailing symlinks (In fact, none
of the system calls that create a file follow trailing links - mknod(), mkdir(),
symlink(), bind() on AF_UNIX socket, etc.). They rather generate an EEXIST error
if there exists a symbolic link with the passed name. With this approach,
exploits of the type this thread has been discussing can't occur.
Tom
-- Tom Eastep COMPAQ Computer Corporation Enterprise Computing Group Tandem Division tom.eastep@compaq.com- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/