Re: Symlinks vs. hardlinks

To: debian-user@lists.debian.org
Subject: Re: Symlinks vs. hardlinks
From: "Thomas Schmitt" <scdbackup@gmx.net>
Date: Tue, 05 Jan 2016 11:08:11 +0100
Message-id: <[🔎] 6366573488439512306@scdbackup.webframe.org>
In-reply-to: <[🔎] 20160105080419.GB23165@tuxteam.de>
References: <[🔎] 20160105080419.GB23165@tuxteam.de>

Hi,

tomas@tuxteam.de wrote:
> > >   tomas@rasputin:~$ ln /home/test/.profile test-profile
> > >   ln: failed to create hard link `test-profile' =>
> > > `/home/test/.profile': Operation not permitted

Seems to be a new security feature.

In "man 5 proc" i read
  "/proc/sys/fs/protected_hardlinks (since Linux 3.6)
   ...
   When the value in this file is 1, a hard
   link  can be created to a target file only if one of the follow‐
   ing conditions is true:
   ...
   *  The caller has the CAP_FOWNER capability.
   *  The filesystem UID of the process creating the link matches
      the  owner  (UID) of the target file [...]
   *  All of the following conditions are true:
      ...
      ·  the caller has  permission to read and write the target
         file
"

So it is not enough to have w-permission of the directory where
the new link shall emerge. Ownership or rw-permission of the target
file is needed, too.

The described behavior is in effect here:

  $ cat /proc/sys/fs/protected_hardlinks
  1


Have a nice day :)

Thomas

Reply to:

Follow-Ups:
- Re: Symlinks vs. hardlinks
  - From: <tomas@tuxteam.de>

References:
- Symlinks vs. hardlinks [was: Prevent shutdown with systemctl]
  - From: <tomas@tuxteam.de>

Prev by Date: Re: Prevent shutdown with systemctl
Next by Date: Re: Symlinks vs. hardlinks
Previous by thread: Symlinks vs. hardlinks [was: Prevent shutdown with systemctl]
Next by thread: Re: Symlinks vs. hardlinks
Index(es):
- Date
- Thread