On Fri, 3 Dec 1999, Andrea Arcangeli wrote:
> Really it seems nobody cares about the implications of the problem and if
> nobody needs the change I don't need it either for myself. So probably
> it's better to put the change in an unofficial patch (for example in the
> Solar's secure-linux patch with the stack not executable stuff?) so very
> special cases will have a way to go with linux.
Actually Solar's patch has something like this implemented, hidden
behind the {[*] Restricted links in /tmp} config option, but it is even
more restrictive with hardlinks, it allows only the owner to make
hardlinks. Since it breaks some software like the mailman mailing list
manager, I proposed him to allow hardlinks on files with write access, he
said it still has some security implications but he'd think about it, I
don't know what happened since...
--
Madarasz Gergely [EMAIL PROTECTED] [EMAIL PROTECTED]
It's practically impossible to look at a penguin and feel angry.
Egy pingvinre gyakorlatilag lehetetlen haragosan nezni.
HuLUG: http://mlf.linux.rulez.org/
