On 2014-10-29 12:09:00 -0400, Tom Lane wrote: > Stephen Frost <sfr...@snowman.net> writes: > > * Robert Haas (robertmh...@gmail.com) wrote: > >> I think the question is "just how innumerable are those attack > >> routes"? So, we can prevent a symlink from being used via O_NOFOLLOW. > >> But what about hard links? > > > You can't hard link to files you don't own. > > That restriction exists on only some platforms.
Yea, it's nothing we can rely on. I do think checking the link count to be 1 is safe though. > Current OS X for instance > seems perfectly willing to allow it (suggesting that most BSDen probably > do likewise), and I see no language supporting your claim in the POSIX > spec for link(2). I'd argue that there's no point in treating OSX as a securable platform :P Greetings, Andres Freund -- Andres Freund http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
