tech-security archive


Re: Hard link creation without write access



On Thu, Sep 07, 2023 at 11:25:42AM +0000, Taylor R Campbell wrote:
> Today I learned that you can create hard links to a file you don't own
> and can't write to or even read from:
> 
> $ su -l root -c 'touch /tmp/foo && chmod 600 /tmp/foo'
> $ ln /tmp/foo /tmp/bar
> 
> This strikes me as bonkers and a likely source of security issues.

It was probably less of a concern in the past when the POSIX recommendations
were made because BSD systems typically spread the principal directories out
over various filesystems, and of course you can't hard-link across such
different devices.

So it certainly seems reasonable to re-visit it now that this is not the case
and a regular user could more easily create unexpected hard links to system
files.
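
An audit for the concern raised in this message, added here as an example and not part of the original mail or of any project's code: it reports which user-writable directories share a filesystem with system directories (so a hard link between them is possible at all), and which files under a tree have additional names outside that tree. The function names and the directory lists are assumptions for illustration.

```python
import os
import stat
import sys
from collections import defaultdict


def same_device(writable_dirs, system_dirs):
    """Pairs (writable, system) on one filesystem, where link(2) can span both."""
    pairs = []
    for w in writable_dirs:
        for s in system_dirs:
            try:
                if os.stat(w).st_dev == os.stat(s).st_dev:
                    pairs.append((w, s))
            except OSError:
                continue  # directory missing on this host
    return pairs


def links_outside(root):
    """Regular files under root with more names than the walk of root found.

    Returns {first_path_seen: (st_nlink, names_found_under_root)}.
    """
    seen = defaultdict(list)  # (st_dev, st_ino) -> paths under root
    nlink = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # do not follow symlinks
            except OSError:
                continue
            if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                key = (st.st_dev, st.st_ino)
                seen[key].append(path)
                nlink[key] = st.st_nlink
    return {paths[0]: (nlink[key], len(paths))
            for key, paths in seen.items() if len(paths) < nlink[key]}


if __name__ == "__main__":
    # Directory lists are assumptions for illustration; adjust per host.
    for w, s in same_device(["/tmp", "/var/tmp"], ["/etc", "/usr/bin", "/sbin"]):
        print(f"{w} shares a filesystem with {s}")
    root = sys.argv[1] if len(sys.argv) > 1 else "/etc"
    for path, (n, found) in links_outside(root).items():
        print(f"{path}: {n} links, only {found} under {root}")
```

A file reported by links_outside has at least one name elsewhere on the same filesystem; locating that name requires a search of the whole filesystem by inode number.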


