On Sat, Jan 19, 2008 at 09:06:30PM +0100, Paul de Weerd wrote:
> On Sat, Jan 19, 2008 at 08:57:10PM +0100, Otto Moerbeek wrote:
> | On Sat, Jan 19, 2008 at 10:27:25AM -0800, Ted Unangst wrote:
> |
> | > On 1/18/08, bofh <[EMAIL PROTECTED]> wrote:
> | > > I think he means sshd. And it really doesn't matter, once you make
> install,
> | > > you'll overwrite the vulnerable copy with the new one, and all the
> hardlinks
> | > > won't matter, because they'd be linked to the new file.
> | >
> | > except that they won't. the point of a hard link is it points to the
> | > file, not the name. it's not a symlink.
> |
> | install(1) truncates and overwrites existing files, so the old end new
> | file will have the same inode, iirc.
>
> $ echo apple > a
> $ echo banana > b
> $ ls -i
> 2895709 a 2895710 b
> $ install a b
> $ ls -i
> 2895709 a 2895711 b
>
> So it seems that b is unlinked before a is installed in its place. This
> looks like it's not consistent with what the manpage says it does :
>
> If the target file already exists, it is either
> renamed to file.old if the -b option is given or
> overwritten if permissions allow.
>
> 'Overwritten' sounds more like what Otto said than the behaviour I'm
> seeing.
My memory is bad. It's cp(1) that preserves inode number. install(1)
does not (a hint is given with the description of the -S option).
-Otto
