Tightening security: not for the impatient
Posted Jul 11, 2012 21:30 UTC (Wed) by BenHutchings
In reply to: Tightening security: not for the impatient
Parent article: Tightening security: not for the impatient
Perhaps link() should be allowed to work if the user has read or write access to the file? Making a hard link to a file that cannot be read by the current user does seem to have little purpose.
If a setuid executable turns out to be exploitable, the sysadmin will (hopefully) upgrade it to a fixed version quickly. But in some filesystem configurations a malicious user could use hard links to make 'backups' of setuid executables in the expectation that one of them would later turn out to be exploitable. The hard link restrictions prevent this.
to post comments)