Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 (Tek) 9/26/83; site hammer.UUCP
Path: utzoo!linus!decvax!tektronix!orca!hammer!steveg
From: steveg@hammer.UUCP (Steve Glaser)
Newsgroups: net.bugs.4bsd
Subject: Re: Symbolic Links VS. Security
Message-ID: <1011@hammer.UUCP>
Date: Tue, 20-Nov-84 05:08:16 EST
Article-I.D.: hammer.1011
Posted: Tue Nov 20 05:08:16 1984
Date-Received: Wed, 21-Nov-84 05:35:49 EST
References: <442@unmvax.UUCP> <159@utecfa.UUCP> <150@stat-l> <4394@utzoo.UUCP> <utzoo.4649>
Reply-To: steveg@hammer.UUCP (Steve Glaser)
Organization: Tektronix, Wilsonville OR
Lines: 20
Summary: 

Symbolic links are not a security hole to "normal" users.  There is no
bypassing of normal kernel level protection checks for the directories
traversed along a pathname or for the file eventually pointed to.

The only kind of programs that can have trouble are those that try to
build restricted environments (restricted shell for instance).  Even
there, the hole is not in the normal unix protection checks, but rather
that the program implementing the restricted environment is not
sufficiently restricted.  That is certainly an issue, but it is an
incompatability issue that MAY introduce security problems into existing
restricted environments, not a security hole in the kernel protections.

Summary:

If I "chmod 700 dir" there is no NEW way that anyone other than me (or
root) can get into dir.   (where NEW means introduced by 4.2 BSD).

		Steve Glaser
		tektronix!steveg
		steveg.tektronix@csnet-relay