[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: chmod/chown -R - maybe an ITP

>>>>> "Paul" == Paul Slootman <paul@wau.mis.ah.nl> writes:

    Paul> It does its best to detect exploits (such as symlink stuff),
    Paul> but those are a different set of exploits to the ones
    Paul> applicable to chown/chgrp actions. Specifically the fact
    Paul> that you can hardlink any file you can see is the cause of
    Paul> trouble there. IMHO that "feature" should be disabled in the
    Paul> kernel.

I tend to agree with this - I don't think there is ever any need
to hard link to a file you don't own for instance.

However, such a solution would be specific to Linux...

Brian May <bam@debian.org>

Reply to: