On Fri, Apr 27, 2001 at 04:13:34AM -0300, Peter Cordes wrote: > > /backup/home/peter/hackfile is safely unlinked before it is opened for > writing. However, if the user has write permission in the destination > directory, there is still a race condition. If they recreate the symlink > before the open() call, you still lose. why don't you just use tar for your backups? that would eliminate all the games you can play with cp, though it may still be possible to play games with tar[0], but they would not be triggered unless you extracted the tar archive. this is just a basic rule of system adminsitration, you need to be very careful what tools you use on the user's files, another example is not doing things like chmod -R or chown -R on users home directories, as they can create hard links to other's files and get them chowned/chmoded. nonetheless its good to know about this kind of behavior. [0] none that i can think of at the moment. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpRvh2sayFh5.pgp
Description: PGP signature