current-users: Re: Symlink ownership (let's go back)

Subject: Re: Symlink ownership (let's go back)
To: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
From: Tobias Weingartner <weingart@austin.BrandonU.CA>
List: current-users
Date: 08/08/1995 13:21:31

In message <199508081330.JAA06151@Collatz.McRCIM.McGill.EDU>, der Mouse writes:
> 
> > Could someone post the relevant parts of the relevant standards, so
> > we can all work on real data, please?
> 
> I'm not entirely convinced this is worthwhile, since at least a couple
> of people have been saying "let's ignore the standards on this issue,
> since the standards are broken".

Then let's get them changed.  But to get them changed, we have to know
what they are. ;-)


> > It makes little sense to have any sort of protection based on [the
> > owner and permission bits of a symlink]
> 
> I'm not sure why not; every other filesystem entity does something with
> its ownership and permissions information.  My suggested interpretation
> for the r and x bits seems fairly obvious; it's more or less what they
> mean for directories.  The 06222 bits are a bit more far-fetched, but
> still not entirely silly; indeed, set-id symlinks would be a very cheap
> way to give capabilities that did not exist before.
> 

Huh?!?  If I am missing something here, lemme know.  Imagine this:

> natasha:989> ls -al
> total 749
> drwxr-xr-x  5 weingart  staff     512 Aug  4 15:11 ./
> drwxr-xr-x  9 weingart  staff    1024 Aug  5 17:23 ../
> -rw-rw-rw-  2 weingart  staff     512 Jul 19 16:28 bar
> lr--r--r--  1 weingart  staff      11 Aug  5 17:36 foo@ -> bar
> natasha:995> id
> uid=1000(weingart) gid=20(staff) groups=20(staff)

If the permissions are significant, then I could write to ./bar, but
not to ./foo.  What is gonna prevent me from using ./bar?  Also, if
I don't have access to ./bar, then the perms on ./foo are not going
to matter.


--Toby.
*----------------------------------------------------------------------------*
| Tobias Weingartner | Email: weingart@BrandonU.Ca | Need a Unix sys-admin?  |
| Box 27, Beulah, MB |-----------------------------| Send E-Mail for resume, |
| R0M 0B0, Canada    | Unix Guru, Admin, Sys-Prgmr | and other details...    |
|----------------------------------------------------------------------------|
|      %SYSTEM-F-ANARCHISM, The operating system has been overthrown         |
*----------------------------------------------------------------------------*