[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20091029203500.GB30747@elf.ucw.cz>
Date: Thu, 29 Oct 2009 21:35:00 +0100
From: Pavel Machek <pavel@....cz>
To: Casey Schaufler <casey@...aufler-ca.com>
Cc: kernel list <linux-kernel@...r.kernel.org>
Subject: Re: symlinks with permissions (fwd)
Hi!
> >> Do you know of any cases where this difference matters in practice?
> >>
> >
> > Actually yes, see the bugtraq post. guest was able to write to my file
> > when I expected that file to be protected.
> >
> > According to the bugtraq discussion, people expect directory
> > permissions to work.
>
> Gawd, I hate to say this, but people have been improperly educated
> if they expect directory permissions to behave thusly. You can not
> count on the permissions on a directory to protect access on a file
> that the directory contains a reference to. Hard links. Mount points.
> /proc/8675309/fd. Passing file descriptors over sockets. Fork, for
> heaven's sake. That's not how Linux directories really work.
Actually it was how Unix directories really worked, before Linux /proc
came around and broke it.
See the bugtraq; yes, hardlinks are similar, but at least you see them
on ls -l. Mount points are root-only. And you can't use fork to
upgrade "read-only" filedescriptor to read write.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists