Re: [PATCH] new syscall: flink

H. Peter Anvin (hpa@zytor.com)
7 Apr 2003 13:37:19 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom Rini: "Re: [PATCH] Qemu support for PPC"
Previous message: H. Peter Anvin: "Re: [PATCH] new syscall: flink"
Maybe in reply to: Ulrich Drepper: "[PATCH] new syscall: flink"
Next in thread: Chuck Ebbert: "Re: [PATCH] new syscall: flink"

Followup to: <b6scsk$18b$1@penguin.transmeta.com>
By author: torvalds@transmeta.com (Linus Torvalds)
In newsgroup: linux.dev.kernel
>
> As others have pointed out, there is no way in HELL we can do this
> securely without major other incursions.
>

If so, we already have the security hole... and we need to fix it.

> In particular, both flink() and funlink() require that you do all the
> same permission checks that a real link() or unlink() would do. And as
> some of them are done on the _source_ of the file, that implies that
> they have to be done at open() time.

[f]link() doesn't do any checks that open() doesn't, except for the
O_RDONLY/O_WRONLY/O_RDWR flags.

-hpa

-- 
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
Architectures needed: ia64 m68k mips64 ppc ppc64 s390 s390x sh v850 x86-64
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Tom Rini: "Re: [PATCH] Qemu support for PPC"
Previous message: H. Peter Anvin: "Re: [PATCH] new syscall: flink"
Maybe in reply to: Ulrich Drepper: "[PATCH] new syscall: flink"
Next in thread: Chuck Ebbert: "Re: [PATCH] new syscall: flink"