"And therefore modify?" I get the impression that some of the people
who are arguing about this don't at all understand the semantics of
link().
If you link /etc/shadow to /tmp/shadow, you have done none of the
following:
* changed the permissions of /tmp/shadow
* changed the owner or group owner of /tmp/shadow
Not only have you not changed those, you cannot change those. You have
created another reference to the inode, and that's all.
You cannot use hard links to defeat the permissions for a file. Even if
you manage to make a link to a temporary file, once the original user of
the temporary file is done with it the link you created remains with
_exactly the same permissions and ownerships_ that the original user
created it with. If that person did his job right, then the most you
can manage with a hard link is to possibly fill up the filesystem by
nabbing links to a lot of temporary files so that when the creator
unlink()s their temp files it doesn't free up the file space.