[Please Cc me] Scenario (this was recently brought up on linux kernel mailing list):
You have a setuid root file (say, /usr/bin/chsh). Some one creates a hard link to it (ln /usr/bin/chsh ~/bin/secret). You find out there is a security hole in the chsh binary and remove it while waiting for the security patch. One can easily miss the fact that there was more than one link to the inode. This isn't probably new to seasoned unix admins, but I do believe it is news for many new linux/unix users. Proper way (I believe) is to first chmod 0 the file, then unlink it. This perhaps doesn't address the fact that someone can have open()'ed the file and hold and open fd to it. (I'm not sure what could be done with the open fd, though, other than waste other people's quota). So chmod 0; shred -u; rm is probably what paranoid people do. The hardlinks also allow for wasting other people's quota, as you cannot remove hardlinks from directories you don't own. Truncate first will help here. I think it could be worth it to add this trivia to the rm/shred man pages - perhaps even a warning to rm -v when removing a setuid file leaves the link count as non-zero. Or a switch to rm that does chmod 0; truncate; unlink. -- "Olet siet�m�t�n tyyppi Ja mielipiteesi ovat v��ri� �l� soita t�nne en�� koskaan!" - Ultra Bra _______________________________________________ Bug-coreutils mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-coreutils
