Re: varlinks! (and 2.1.98 works for me)

Rogier Wolff (
Thu, 30 Apr 1998 01:08:51 +0200 (MET DST)

Pavel Machek wrote:
> Hi!
> > > No, no, no... you could potentially trick an app into indirecting
> > > though a symlink it otherwise wouldn't have indirected through,
> > > getting unauthorized access to a file.
> >
> > So, I still don't get it. Explain please....
> >
> > You mean something like
> What about:
> I tell at to run job /tmp/program. Tmp in fact is symlink to
> /.tmp/${UID}. At checks that I have privileges to /tmp/program, and
> places '/tmp/program' in some kind of list of things to do.
> Some time later, cron looks, and sees that luser cracker wants to exec
> /tmp/program. But, due to some things, /tmp is no longer pointer to
> /.tmp/crackeruid, it is pointer to /.tmp/gooduid. But cron does not
> know that. Cron does not check permissions, now. It already done
> so. So it executes /tmp/program. But it executes _other_, potentially
> secret, /tmp/program.

Any program that falls for this kind of problem ALREADY HAS a security
problem: anything can have changed "/tmp/program". It could have been
simply a symlink pointing here (access allowed) or there (no access

I still don't see how varlinks reduce security.


If it's there and you can see it, it's REAL      |  |
If it's there and you can't see it, it's TRANSPARENT |  Tel: +31-15-2137555  |
If it's not there and you can see it, it's VIRTUAL   |__FAX:_+31-15-2138217  |
If it's not there and you can't see it, it's GONE! -- Roy Wilks, 1983  |_____|

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to