Michael Smith wrote:
> You misunderstand the original poster's complaint.
> 
> The issue is that a non-owner can cause the owner's file to remain alive
> even after the owner has deleted it.  Hence the comment about "later
> breakin".
> 
> You could also use this technique to maliciously exhaust a user's quota,
> by linking to their temporary files.  I'm not sure what the standards
> have to say about this, but I don't much like the current behaviour.

I think that making the links in temporary directories should
not be allowed, by dint of the t bit in the user of the
directory in which the file is being created.

I think the problem with someone else making a link to my
file and keeping it around is an issue of access controls
to the file itself, and not really a problem: e.g. if you
want to avoid it, don't rely on obscurity, and don't permit
exterior access to the files.

Actually, people have complained about not having a "flink(2)"
call to create a directory entry for an open file.  I think
if this were there, then the problem would be genuine; but
without it, it's a matter of controlling access to the files.

I wouldn't be opposed to a patch that prevented creation of
links to files you don't own, if the 't' bit were set on the
source or destination directory, but which would permit the
operation otherwise.

I think a patch that disallowed it entirely would break
/var/spool/lock based locking.  8-(.

-- Terry

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
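
Added example, not part of the original message and not FreeBSD code: a user-space C model of the rule proposed in the message above (refuse a link to a file the caller does not own when the 't' bit is set on the source or destination directory, permit it otherwise). The names `link_allowed` and `link_allowed_path` are hypothetical, and the check uses stat(2) on paths rather than the kernel's own lookup.

```c
#include <libgen.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#ifndef S_ISVTX
#define S_ISVTX 01000 /* sticky ('t') bit, if the headers hide it */
#endif

/* Hypothetical helper: 1 if the link would be permitted, 0 if refused.
 * Rule from the message: refuse links to files the caller does not own
 * when the 't' bit is set on the source or destination directory. */
int link_allowed(uid_t caller, const struct stat *file,
                 const struct stat *srcdir, const struct stat *dstdir)
{
    int sticky = (srcdir->st_mode & S_ISVTX) || (dstdir->st_mode & S_ISVTX);

    if (file->st_uid == caller)
        return 1;       /* owners may always link their own files */
    return !sticky;     /* non-owners only where neither directory is sticky */
}

/* Hypothetical wrapper: apply the rule to real paths; -1 on stat failure. */
int link_allowed_path(uid_t caller, const char *src, const char *dstdir)
{
    char buf[4096];
    struct stat f, sd, dd;

    if (strlen(src) >= sizeof(buf))
        return -1;
    strcpy(buf, src);   /* dirname() may modify its argument */
    if (stat(src, &f) != 0 || stat(dirname(buf), &sd) != 0 ||
        stat(dstdir, &dd) != 0)
        return -1;
    return link_allowed(caller, &f, &sd, &dd);
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s <file> <destination-dir>\n", argv[0]);
        return 2;
    }
    int r = link_allowed_path(getuid(), argv[1], argv[2]);
    printf("%s\n", r < 0 ? "error" : r ? "permitted" : "refused");
    return r == 1 ? 0 : 1;
}
```

Under this model a non-owner link from a sticky directory such as /tmp is refused, while links between non-sticky directories, as lock-file schemes under /var/spool/lock rely on, still go through.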
