Subject: Re: /etc/security, mtree, and links to files and directories
To: Andrew Brown <atatat@atatdot.net>
From: Perry E. Metzger <perry@wasabisystems.com>
List: tech-security
Date: 05/15/2002 22:25:45
Andrew Brown <atatat@atatdot.net> writes:
> can anyone think of any security risks associated with mtree always
> following all the symlinks?  or...not warning if it finds one where it
> expected a file or a directory?

I'd suggest that we instead invent a syntax saying "it is okay if this
entry is a symlink if the destination has the right perms" and apply
that to the named.conf entry. It gives us more flexibility at the very
least.

Perry
--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/