I can usually do the same attack with hard links.

James

>
>>         1. The pid space is small (2^16 generally), so instead of targeting
>>            a specific pid all the attacker has to do is target them all. This
>>            is by no means hard on any modern system. Even increasing the pid
>>            space to 2^32 won't increase the overall work required beyond
>>            anything a modern system can't perform.
>
>What about a way of disabling symlinks on a mounted partition altogether?
>Or will this break too many programs to be useful?
>
>Jared
>
>
>
>
>