On 03/27/2014 02:57 AM, Pádraig Brady wrote: > I've attached a patch for illustration. > > However I don't like it because it doesn't deal with, > 1. fifos, device files, setuid regular files, nor, > 2. relative symlinks that traverse outside the copied hierarchy.
Actually point 2 isn't specific to this issue at all, so forget about that disadvantage. > 3. Also if you were using `cp -al source mirror`, and subsequently > wanted to use the link count to see what was added in source, > then symlinks having a link count of only 1 would mess that up. > > So given this is a system security policy that's restricting the operation, > and falling back to a less security sensitive operation has at least > the above 3 disadvantages, I'm not sure there is anything we should do here.