On Mon, 8 Apr 2002, [ISO-8859-2] Paweł Jakub Dawidek wrote: > Simple example why I think that only owner should have permission to create > hardlinks to his files. > > First. > leila:root:~# ls -l /root/very-secret-file > -rw------ 1 root wheel 3011 13 Lut 16:47 /root/very-secret-file > > leila:evil-hacker:~> ln /root/very-secret-file ~/whatsthis > > <I need remove it fast!!!> > leila:root:~# rm -f /root/very-secret-file
I see you forgot to 'ls -l' the resultant link ... you'll find that it has the same permissions and ownership as the original file. Oops. (this is not a great example. I've rearranged the commands for illustration purposes which is why the history #s bounce around.) wade,ttyp3,~,11>id uid=1000(dwhite) gid=1000(dwhite) groups=1000(dwhite), 0(wheel), 5(operator), 68(dialer), 88(mysql), 998(cvs) wade,ttyp3,~,17>ls -l /root/bin total 2 -rwxr-xr-x 2 root wheel 186 Feb 14 2001 copykeys.sh* -rwxr-xr-x 1 root wheel 186 Feb 15 2001 copykeysfd.sh* wade,ttyp3,~,13>ln /root/bin/copykeys.sh foobaz.sh wade,ttyp3,~,15>ls -l foobaz.sh -rwxr-xr-x 2 root wheel 186 Feb 14 2001 foobaz.sh* wade,ttyp3,~,16>ls -l /root/bin/copykeys.sh -rwxr-xr-x 2 root wheel 186 Feb 14 2001 /root/bin/copykeys.sh* Doug White | FreeBSD: The Power to Serve [EMAIL PROTECTED] | www.FreeBSD.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message