Standards, the kernel, and Postfix
Posted Aug 21, 2008 10:27 UTC (Thu) by rwmj
In reply to: Standards, the kernel, and Postfix
Parent article: Standards, the kernel, and Postfix
I find it a bit odd that a normal user can do things like this:
ln /etc/shadow ~/myfile
and control where system files show up in the file system.
Not just odd, but a security problem too. A user can
ln /usr/sbin/sendmail ~/sendmail
then wait for a security bug to be reported in sendmail.
Even though the administrator upgrades
the buggy setuid sendmail is still available in the user's home directory.
This is one reason to have separate root and /usr partitions,
because hardlinking across filesystems isn't possible.
to post comments)