If you create several partition ( /var /usr /home ), this problem is resolved. Generally, in /usr, there are no directory write-able for all. If you have a partition for /usr, no hard link to a set-uid binary ( in the /usr tree ) is possible. On Mon, 8 Mar 2004 23:08:28 +0100 Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > On Mon, Mar 08, 2004 at 10:10:38PM +0100, Georg-W. Koltermann wrote: > +> When you restrict links, do you want to restrict copying as well? > +> > +> Seems somewhat paranoid to me. You already need write permission > on the+> directory where you create the link, and permissions are > checked against+> the inode on open(2) anyway. > > This is because this gives an attacker some possibilities. > For example he is able to create hard link to some set-uid binary. > After some time, a security-related bug will be found in this > application, administrator will change it with good version, but old, > vulnerable version will be still in system. > Administrator have to be really careful when fixing such problems > and check number of hard links or just remove such program using 'rm > -P'. > > -- > Pawel Jakub Dawidek http://www.FreeBSD.org > pjd@FreeBSD.org http://garage.freebsd.pl > FreeBSD committer Am I Evil? Yes, I Am! > _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"