Re: Proposal: restrict link(2)

Alan Cox (
Sat, 14 Dec 1996 00:20:02 +0000 (GMT)

> Difficult, perhaps, but not impossible. Just program with a devious
> mindset. In case of this particular problem, make sure that you don't
> chown() the file, but rather open() it, fstat() it, stat() it, then fchown()
> it. It can't get much safer than that.

Linux 2.1.15 has the ability to pass secure access right information
(userid etc) between processes over unix sockets. IMHO You can now build
a client/server based unix setup for all the priviledged operations without
a setuid binary on the system.