The trouble with symbolic links
The trouble with symbolic links
Posted Jul 12, 2022 8:33 UTC (Tue) by koverstreet (✭ supporter ✭, #4296)Parent article: The trouble with symbolic links
Perhaps we should add a mount option to disable following symlinks that are
- not owned by the current user
- not owned by the root user
- that point to a different uid/gid as the symlink
- not owned by the current user
- not owned by the root user
- that point to a different uid/gid as the symlink
Are there any attacks that would miss?
Posted Jul 12, 2022 12:30 UTC (Tue)
by jengelh (guest, #33263)
[Link]
The trouble with symbolic links
A feature like that has existed for a long time in grsec as a build-time option. Found a mirror at e.g. https://github.com/hannob/symlinkown .