On Fri, 1 Dec 2006, Alexander Hall wrote:
> Heinrich Rebehn wrote:
> > Hi list,
> >
> > i am getting a daily insecurity report from my system system saying:
> >
> > ##########################################################
> > Checking special files and directories.
> > Output format is:
> > filename:
> > criteria (shouldbe, reallyis)
> > etc/pf.conf:
> > type (file, link)
> > permissions (0600, 0755)
> > ##########################################################
>
> > I do this in order to save different versions of the file.
> >
> > My question: Is a symbolic link really insecure? Or is this just a
> > deficiency of /etc/security?
No, it is not a deficiency in /etc/security. Symbolic links have their
problems, depending on where they are pointing to. Also, /etc/security
is designed to warn for non-standard things. If you are deviating from
that, you are on your own.
As for general background info, you might want to google for "symbolic
link race".
-Otto
