In the last episode (Apr 08), Kurt J. Lidl said:
> On Mon, Apr 08, 2002 at 11:41:44AM -0700, Michael Smith wrote:
> > You could also use this technique to maliciously exhaust a user's
> > quota, by linking to their temporary files. I'm not sure what the
> > standards have to say about this, but I don't much like the current
> > behaviour.
>
> The truely paranoid ftruncate the file size to zero if the link count
> is larger than one.
.. or even if isn't, as someone might link it just before you delete
it. An attacker can still exhaust your inode quota with 0-length
files.
I wonder if there is any reason to allow arbitrary hardlinking; maybe
only allow linking of files you currently have read access to? Only
files that you own? Only allow root to hardlink? How paranoid do you
want to be? :) It could always be another sysctl knob.
--
Dan Nelson
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
