> Owners are stored in i-nodes. Directory entries are nothing but > (filename, i-node number) pairs. > > link("publicly-visible-file", "world-writable-directory/blah") > is as anonymous as > write(open("/world-writable-file", O_WRONLY), "blah", 4) True. However, one might argue that the former should fail with EPERM, unless you happen to own "publicly-visible-file". In fact, I thought I saw a patch go through here a while back that did exactly that, if "world-writable-directory" was also sticky. In general, publicly-writable directories are a bad thing. They are the cause (or at least part of the cause) of numerous vulnerabilites, most much worse than the DoS attack described here. -- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu> Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:02 PDT