Re: Proposal: restrict link(2)

Jan Klabacka (
Fri, 13 Dec 1996 23:15:26 +0100

I just spent some time with all the stuff concerning link(2) and
Quota problem. I think (although I am not expert writing kernel code
each day) that I have something to tell here (among most of all
others wasting time here - with only some exceptions):

1. There is many people which do not understand file systems in UNIX
at all (not only in this group, I have seen lots of them), but I
think its structure became clear enough so that it is not necessary
to write anything about it here (moreover, there is probably lots of
better experts which even wrote piece of code for it so that they
can explain better).

2. I see two remaining problems after previous filtering of many
points of view:
- security holes caused by suid programs writing to files
eventually linked to /tmp
- quota problems (linking to inodes from directories not
accessible to original owners)

Security holes
I think these are not kernel issue at all. Moreover, this is valid for
any directories, not only /tmp, with remark that /tmp is directory
where programs very often create temporary files, and if it is suid
program written without knowledge of problem ....

Quota problems
In history of UNIX I had seen one (early SVR4) where it was even
possible for ordinary non-privileged user to issue command
'chown root:sys file' (of course it had to reset -s- bits). I do not
know if it is still true (probably not), other today's unixes do not
do this either, but what you would tell to this (in this case, one can
actively use some other's quota space instead of waiting to have
possibility to create link, but it makes the same result - well, nearly).

I also feel that this thread related to security problem should finish
and also that it should possibly continue as problem related to

Jan Klabacka
Telenor Czech Republic

Phone: +42 2 311 97 71
+42 2 311 97 73
Fax: +42 2 311 82 17