Re: How does chown(2) works with symlinks?

Linus Torvalds (torvalds@cs.helsinki.fi)
Sat, 13 Jul 1996 09:56:28 +0300 (EET DST)


On Thu, 11 Jul 1996, Michiel Boland wrote:
>
> And permissions for a symbolic link /are/ relevant; you cannot
> readlink() a symbolic link that has no read permission.
> (try ls -l /proc/1)

Umm, that's a special case. I made the /proc symlinks work the way _I_
personally think symlinks should work, but for "normal" symlinks the
standard UNIX behaviour is that they are always of mode lrwxrwxrwx..

I have a few other "sick" ideas for symlinks if I would like to extend
them:

- permission checks according to mode bits (not just for /proc). The
  kernel actually does this already, it's just that the /proc filesystem
  is the only filesystem that has other than full read/write.
- setgid/setuid links would change the fsgid/fsuid for the process that
  follows them for the duration of the lookup to the group/owner of the
  symlink.

Especially the second point is "strange". But it could be very useful for
allowing controlled r/w access to _certain_ files without allowing general
execute access to the directory the files reside in. It would be a huge
security hole if used incorrectly, though (like doing a root setuid
symlink to a directory, and then people do a

    vi directory/../../../etc/passwd

heh ;)

Linus
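
An added example, not part of the original message and not kernel code: it checks on Linux that an ordinary symlink reports mode 0777 whatever the umask, and that ".." after a symlink to a directory resolves to the target's parent, which is why the lookup in the message's `directory/../../../etc/passwd` case leaves the linked directory. The function name `demo`, the `/tmp/symlink-demo-*` tree and its layout are constructed for illustration.

```c
#define _GNU_SOURCE
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed tree: <tmp>/a/b/target/ and <tmp>/link -> a/b/target.
 * Reports the link's own mode bits and whether "link/.." is <tmp>/a/b. */
int demo(mode_t *link_mode, int *dotdot_is_target_parent)
{
    static const char *dirs[] = { "/a", "/a/b", "/a/b/target" };
    static const char *cleanup[] = { "/link", "/a/b/target", "/a/b", "/a", "" };
    char tmp[64] = "/tmp/symlink-demo-XXXXXX", p[256];
    char via_link[PATH_MAX], target_parent[PATH_MAX];
    struct stat st;
    int rc = -1;
    if (!mkdtemp(tmp)) return -1;
    for (int i = 0; i < 3; i++) {
        snprintf(p, sizeof p, "%s%s", tmp, dirs[i]);
        mkdir(p, 0755);
    }
    mode_t old = umask(077);              /* a restrictive umask ... */
    snprintf(p, sizeof p, "%s/link", tmp);
    if (symlink("a/b/target", p) == 0 && lstat(p, &st) == 0) {
        *link_mode = st.st_mode & 07777;  /* ... does not change the link's mode */
        snprintf(p, sizeof p, "%s/link/..", tmp);  /* link followed first, then ".." */
        char *a = realpath(p, via_link);
        snprintf(p, sizeof p, "%s/a/b", tmp);
        char *b = realpath(p, target_parent);
        *dotdot_is_target_parent = a && b && strcmp(a, b) == 0;
        rc = (a && b) ? 0 : -1;
    }
    umask(old);
    for (int i = 0; i < 5; i++) {         /* remove the constructed tree */
        snprintf(p, sizeof p, "%s%s", tmp, cleanup[i]);
        remove(p);
    }
    return rc;
}

int main(void)
{
    mode_t m = 0;
    int dd = 0;
    if (demo(&m, &dd) != 0) return 1;
    printf("symlink mode %04o, link/.. is target's parent: %d\n", (unsigned)m, dd);
    return 0;
}
```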