* xystrus (xystrus@haxm.com) wrote:
>
> Is there a good reason why a user can successfully link() a file to
> which they do not have any access?
Other than the fact that it's standard behaviour? ;-) Well, the SUS
actually makes an allowance for this:
"The implementation may require that the calling process has
permission to access the existing file."
If you are interested, the Openwall patch does just this (among other things)
http://openwall.com. Work based on Solar Designer's Openwall patch has
been brought forward to more recent 2.4 and 2.5 kernels. Both the
following projects implement the Openwall secure link feature:
http://grsecurity.net
http://lsm.immunix.org
This can break some applications that make assumptions wrt. link(2)
(Courier MTA for example).
cheers,
-chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 15 2002 - 22:00:20 EST