Re: Can't hardlink in different dirs. (BUG#826)

Hans Reiser (reiser@idiom.com)
Sun, 05 Dec 1999 22:40:45 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Capouch: "Problems with ide-scsi in 2.3.xx"
Previous message: Richard Adams: "Re: fs type vfat is not supported by kernel"

Ok, I read the whole thread, and good reasons were given why it was bad, so I won't
put it in.

Also, if you are going to swear, then swear, or don't swear. References to fsck are
pretty unpleasant to read.;-)

And when Richard accuses someone else in this thread of being rude to people, it's
pretty funny.....

Hans

Hans Reiser wrote:

> "Peter J. Braam" wrote:
>
> > Hi,
> >
> > Thanks for your comments.
> >
> > 1. Coda's ctime not set on create is a bug -- I'll send a fix with the
> > other 2.3 fixes we will do over the next week or so.
> >
> > 2. Hard links across directories are not permitted. Jan explained that
> > security is an issue here.
> >
> > I think there is wrong thinking in the way Unix does things normally and
> > the security argument goes away when the following reasoning is followed.
> >
> > Unix pretends a hard link is merely a modification of a directory. Of
> > course it does add a name to new directory but it also subtly alters the
> > attributes of the file in question, since it raises the file's link count.
> >
> > A perfectly acceptable fix for the (many) problems with link are to permit
> > links only if:
> >
> > - the process can write to the target directory
> > - process can modify the attributes of the file it wants to link
> >
> > This would work fine in Coda and also solves the problem that arise from
> > people keeping hardlinks to insecure suid programs, since they normally
> > cannot change their attributes.
> >
> > Would Aegis be happy with that? Would Linux in general?
> >
> > - Peter -
>
> If you send us a patch I'll put it in ReiserFS.... unless someone else can explain
> why that would be bad....
>
> The above seems rational to me....
>
> Hans
>
> --
> Get Linux (http://www.kernel.org) plus ReiserFS
> (http://devlinux.org/namesys). If you sell an OS or
> internet appliance, buy a port of ReiserFS! If you
> need customizations and industrial grade support, we sell them.

-- Get Linux (http://www.kernel.org) plus ReiserFS (http://devlinux.org/namesys). If you sell an OS or internet appliance, buy a port of ReiserFS! If you need customizations and industrial grade support, we sell them.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Brian Capouch: "Problems with ide-scsi in 2.3.xx"
Previous message: Richard Adams: "Re: fs type vfat is not supported by kernel"