On Sun, 5 Nov 2006 08:09:23 +0200 Kostik Belousov <[EMAIL PROTECTED]> wrote:
> On Sun, Nov 05, 2006 at 05:28:32AM +0100, Joerg Pernfuss wrote:
> > And I still have no idea why ln(1) allows links to files the user
> > has no access rights whatsoever, in a directory the owner of the
> > file has no access to in the first place. And what happens when I
> > link the 0600 file state_secret.doc that is owned by someone else,
> > into a directory I own and set SUIDDIR? Will that then be my file
> > and the original owner will be denied access on his link to the
> > file? (yes, kernel support required, i know. but it would be fun.)
> >
> You could use security.bsd.hardlink_check_uid and
> security.bsd.hardlink_check_gid sysctls to control this. By default,
> they are disabled.
Ah, thank you.
Joerg
--
| /"\ ASCII ribbon | GnuPG Key ID | e86d b753 3deb e749 6c3a |
| \ / campaign against | 0xbbcaad24 | 5706 1f7d 6cfd bbca ad24 |
| X HTML in email | .the next sentence is true. |
| / \ and news | .the previous sentence was a lie. |
signature.asc
Description: PGP signature
