On Mon, Aug 24, 2009 at 5:55 PM, Richard Elling<richard.ell...@gmail.com> wrote:
>
...
>> No it shouldn't.
>>
>> Alice$ cd ~/proj1; ln -s /etc .,
>>
>> Alice$ echo "Hi helpdesk, Bob is on vacation and he has a bunch of
>> files in my home directory for a project that we are working on
>> together.  Unfortunately, his umask was messed up and I can't modify
>> the files in ~alice/proj1.  Can you do a 'chmod -fR a+rw
>> /home/alice/proj1' for me?  Thanks!" | mailx -s "permissions fix"
>
> Yeah, but that is just a social engineering attack.
> If you change chmod, you can just change the suggested
> command, and achieve similar results. cp and rm are favorite
> targets, too.  IMHO, the real problem here is that there is a
> multitude of cp, rm, chmod, ls, and other commands or shell
> builtins -- most folks won't know which one they are currently using :-(

It's not *just* a social engineering attack. It's relying on the fact that
(unlike chown -h) the chmod command follows symlinks and there's
no way to disable that behaviour.

-- 
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
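
The behaviour discussed in this thread, a recursive chmod following a symlink out of the tree it was pointed at, can be checked for before the command is run. The following is an added example, not part of the original message: the function names are hypothetical, and `readlink -f` is assumed to be available (GNU coreutils or a compatible implementation).

```shell
#!/bin/sh
# Added example: pre-flight check for a recursive permission change.
# Function names are hypothetical; assumes a readlink that supports -f.

# Print "link -> resolved target" for every symlink under tree $1 whose
# target resolves to a path outside that tree (or cannot be resolved).
escaping_symlinks() {
    root=$(cd "$1" && pwd -P) || return 2
    find "$root" -type l -exec sh -c '
        root=$1; shift
        for link do
            target=$(readlink -f "$link") || target="(unresolvable)"
            case $target in
                "$root"|"$root"/*) ;;                      # stays inside the tree
                *) printf "%s -> %s\n" "$link" "$target" ;;
            esac
        done' sh "$root" {} +
}

# Apply mode $1 to tree $2, refusing if any symlink leads out of the tree.
# find does not descend through symlinks by default, and "! -type l" keeps
# chmod from ever being handed a symlink path.
safe_chmod_tree() {
    mode=$1 tree=$2
    offenders=$(escaping_symlinks "$tree") || return 2
    if [ -n "$offenders" ]; then
        printf 'refusing chmod, symlinks leave %s:\n%s\n' "$tree" "$offenders" >&2
        return 1
    fi
    find "$tree" ! -type l -exec chmod "$mode" {} +
}
```

The check and the chmod are separate steps, so a user who can still write to the tree can race them; treat this as a pre-flight audit rather than a guarantee.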
