Re: hardlinks.... sucks... ;-(
Yuri Kuzmenko (yuri@microsoft.kiev.ua)
Mon, 29 Dec 1997 13:33:02 +0200
In article <199712291104.FAA28338@jadrek.kwr> you wrote:
>And lo, Yuri Kuzmenko saith unto me:
>> Disabling of hardlink for non-readable file not help for this situation ;-( I
>> will create the patch for disable user hardlinks for not-owned files. But
>> there is _UGLY_ patch. I look for better solution. Help me, pls.
>Less stupidity on the part of the sysadmins? (I can't think of a reason
>to chown -R anything in /tmp, or anything in the home directory of a user
>who's already been created...) Not leaving luser-writable directories
>in the root partition (presumably /tmp would be a symlink to /var/tmp)
>would also help. I didn't see how your security hole worked until I
>stopped trying to think *why* root would do what you say he'd do.
Unfortunately, but files in not only root directory maybe "hacked" by users.
For example, there is foreign user files. It's maybe very important. And as
example of chown -R I saw situation when I need to change user UID (for NFS
mounts, for example). Now I have created patch for disable user-level
hardlinks for foreign files (i.e. inode->i_uid!=current->euid and
inode->i_gid!=current->egid). Yes, I know than there is standard violation,
but I need to make my system is much stable.