Call for review: restricted hardlinks.

CédricDevillers cedric.devillers at script.jussieu.fr
Tue Mar 9 00:17:03 PST 2004


If you create several partition ( /var /usr /home ), this problem is
resolved. Generally, in /usr, there are no directory write-able for all.
If you have a partition for /usr, no hard link to a set-uid binary ( in
the /usr tree ) is possible.


On Mon, 8 Mar 2004 23:08:28 +0100
Pawel Jakub Dawidek <pjd at freebsd.org> wrote:

> On Mon, Mar 08, 2004 at 10:10:38PM +0100, Georg-W. Koltermann wrote:
> +> When you restrict links, do you want to restrict copying as well?
> +> 
> +> Seems somewhat paranoid to me.  You already need write permission
> on the+> directory where you create the link, and permissions are
> checked against+> the inode on open(2) anyway.
> 
> This is because this gives an attacker some possibilities.
> For example he is able to create hard link to some set-uid binary.
> After some time, a security-related bug will be found in this
> application, administrator will change it with good version, but old,
> vulnerable version will be still in system.
> Administrator have to be really careful when fixing such problems
> and check number of hard links or just remove such program using 'rm
> -P'.
> 
> -- 
> Pawel Jakub Dawidek                       http://www.FreeBSD.org
> pjd at FreeBSD.org                           http://garage.freebsd.pl
> FreeBSD committer                         Am I Evil? Yes, I Am!
> 


More information about the freebsd-security mailing list