On Sat, Jan 19, 2008 at 09:06:30PM +0100, Paul de Weerd wrote: > On Sat, Jan 19, 2008 at 08:57:10PM +0100, Otto Moerbeek wrote: > | On Sat, Jan 19, 2008 at 10:27:25AM -0800, Ted Unangst wrote: > | > | > On 1/18/08, bofh <[EMAIL PROTECTED]> wrote: > | > > I think he means sshd. And it really doesn't matter, once you make > install, > | > > you'll overwrite the vulnerable copy with the new one, and all the > hardlinks > | > > won't matter, because they'd be linked to the new file. > | > > | > except that they won't. the point of a hard link is it points to the > | > file, not the name. it's not a symlink. > | > | install(1) truncates and overwrites existing files, so the old end new > | file will have the same inode, iirc. > > $ echo apple > a > $ echo banana > b > $ ls -i > 2895709 a 2895710 b > $ install a b > $ ls -i > 2895709 a 2895711 b > > So it seems that b is unlinked before a is installed in its place. This > looks like it's not consistent with what the manpage says it does : > > If the target file already exists, it is either > renamed to file.old if the -b option is given or > overwritten if permissions allow. > > 'Overwritten' sounds more like what Otto said than the behaviour I'm > seeing.
My memory is bad. It's cp(1) that preserves inode number. install(1) does not (a hint is given with the description of the -S option). -Otto