Re: Proposal: restrict link(2)

Thomas Koenig (
Fri, 13 Dec 1996 00:01:36 +0100 (MET)

The Deviant wrote:

>If you don't want your machine to be hacked, and you're willing to
>sacrafice functionality, don't network it.

There is also the possibility of a malicious user on a non-networked

>> Some programs use mktemp(3). The filenames generated are predictable.
>> Soft links are one way of exploiting this; hard links are another.
>Then mktemp(3) needs to be fixed...

Can't do this, without breaking existing programs.

>A concept which I am all for. But
>again, this is userland, not kernel.

In that case, please provide a safe way that I can open a file in /tmp,
without being root. Please include foolproof checks for symbolic and
hard links.

Thomas Koenig,, ig25@dkauni2.bitnet.
The joy of engineering is to find a straight line on a double
logarithmic diagram.