tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Hard link creation witout write access



Greg Troxel <gdt%lexort.com@localhost> writes:

>> Apparently we have sysctl knobs
>>
>> security.models.extensions.hardlink_check_uid
>> security.models.extensions.hardlink_check_gid
>>
>> to prohibit this bonkers linking, by prohibiting anyone but the owner
>> (hardlink_check_uid) or members of the group (hardlink_check_gid) from
>> creating hard links.  But the knobs are off by default.

Also, why is "check_gid" rational?  While posix admits all sorts of
stuff, the issue is semi-obviously "am I allowed to do stuff with this
file" and "is my gid the same" seems unlikely to be right.   So perhaps
those should be dropped in favor of hardlink_check_access.



Home | Main Index | Thread Index | Old Index