Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: Christoph Badura <email@example.com>
From: matthew green <firstname.lastname@example.org>
Date: 01/02/1997 18:31:42
So perhaps we should implement a "nosymlinks" mount option which would
disable symlinks on a file system. (Or perhaps, only the creation of
new symlinks.) That would seem like a useful option on /tmp and
/var/mail to me.
i laughted out loud when i read this. a few months back, when
the "find | xargs" problem was first generally known, i added
a ROOT_ONLY_SYMLINK option to my kernel -- only the superuser
was allowed to create symbolic links.
this perhaps is a better idea, but i think that root should
be allowed to do it regardless of this option.