Subject: Re: Symlink ownership
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
List: current-users
Date: 07/25/1995 21:41:46
>>>> Not quite.  The idea is to present symlinks as objects which don't
>>>> have owners ([...]).  But _something_ has to go into the st_uid
>>>> and st_gid fields of the struct stat; the choice was to copy the
>>>> ownership of the containing directory.
>>> Would it be better for the fake ownership to come from the
>>> symlink's target if one exists, and the directory if the target
>>> does not?
>> Not really; it's not uncommon to symlink to things that you don't own.
(Side note: I agree with this response.)
> Aside from the cross-device aspect, isn't it how hard links work?


Hard links (a) always have a target and (b) take on _all_ the
attributes of their target; indeed, once the link is made, there is no
way to tell which is the "original".

Symlinks, on the other hand, point to an arbitrary string (which may or
may not name any filesystem entity), and _can_ be distinguished from
their targets.

Also, anyone can make a symlink pointing anywhere.  You cannot
hard-link to something you can't access.

As chris mentioned, there are security implications.  If not carefully
done, having symlinks take on the ownership of their target if it
exists or something else if not would allow anyone to probe for the
existence and ownership of files sie shouldn't be able to determine
anything about.  (Not that I'm saying it would be hard to do right; I
don't know.  But it would require care in the implementation.)

					der Mouse