Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/5/84; site mordor.UUCP
Path: utzoo!watmath!clyde!cbosgd!ihnp4!zehntel!dual!mordor!jdb
From: jdb@mordor.UUCP (John Bruner)
Newsgroups: net.bugs.4bsd
Subject: Re: Re: Symbolic Links VS. Security
Message-ID: <451@mordor.UUCP>
Date: Wed, 21-Nov-84 15:35:47 EST
Article-I.D.: mordor.451
Posted: Wed Nov 21 15:35:47 1984
Date-Received: Sat, 24-Nov-84 02:38:18 EST
References: <442@unmvax.UUCP> <159@utecfa.UUCP> <150@stat-l> <4394@utzoo.UUCP> <utzoo.4649> <1011@hammer.UUCP>
Organization: S-1 Project, LLNL
Lines: 15

Symbolic links DO create additional security problems.  The presence
of symbolic links in 4.2BSD widens a security hole that existed in
4.1BSD (and I believe also exists in System V) into a yawning chasm.
I don't want to elaborate on this, other than to say that sometimes
it was indeed a feature that you could not hard link across filesystems.

I'm not opposed to symbolic links, but I do believe that more thought
should have been given to their implementation.  As just one example, 
the implementation of "chown" and "chmod" with respect to links is
inconsistent.  "chown" changes the owner of a link, but "chmod"
changes the mode of the file that the link points to.
-- 
  John Bruner (S-1 Project, Lawrence Livermore National Laboratory)
  MILNET: jdb@mordor.ARPA [jdb@s1-c]	(415) 422-0758
  UUCP: ...!ucbvax!dual!mordor!jdb 	...!decvax!decwrl!mordor!jdb