Re: Proposal: restrict link(2)
13 Dec 1996 23:33:01 -0000

> Worse still! The new copy of the file can have different access
> protections; it could even be made world-readable!

Um.. for what it's worth, here's an example of a case where this might
be significant.

$ mkdir groupdir
$ chmod groupdir 750
$ chgrp devel groupdir
$ cd groupdir
$ touch BetaReport
$ chgrp prof BetaReport
$ chmod 664 BetaReport
$ emacs BetaReport

If hardlinks to non-writeable files are prohibitted, then the system
would prevent BetaReport from being updated except by people who are
in both "devel" and "prof", and from being read by anyone outside
"devel". Nested directories could be used to "and" group permission
requirements, and hard links could be used to "or" group permission

As things currently stand, someone in "devel" can trivially give
write access to BetaReport to all people in "prof", even if the
intersection of devel and prof is but a small fraction of devel. The
system, as it currently stands, wouldn't even leave a record of who
did this.

Hopefully, this is enough description to allow the idea to be
discussed on its merits (or lack).