Subject: Re: Symlink ownership
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
List: current-users
Date: 08/06/1995 07:46:44
>> By why aren't they?  It would make perfect sense, to me, for the r
>> permission to control who can readlink() the link and x to control
>> who can follow it during a normal path walk.
> Well, if you have x permission, then you can follow the link, find
> out where it pointed, and do a pretty fair job of deducing it's
> contents even without readlink() access.

Not really, especially if it points to a non-directory (all you can get
is a dev/ino pair) or through a mode --x directory (you can't getwd()
your way back up from it).  Or if you implement setuid symlinks as I
suggested in a message I sent a few minutes ago, it could point through
a mode 700 directory that you can't do _anything_ with.

					der Mouse