Re: hardlinks.... sucks... ;-(

Albert D. Cahalan (acahalan@cs.uml.edu)
Wed, 7 Jan 1998 01:21:58 -0500 (EST)


>>> No, you are not right ;-( There is old Unix hole and you know it.
>>> And it's a kernel vfs issue. In general, this is *huge* hole.
>>> Novice in sysadmin's world can do this "not kernel issue":
>
> Novices need educating on how UNIX works. Kludgyness to make it,
> er, ``easy'' to administer is the path that NT took, and generally
> it either doesn't make it to administer, or doesn't work. IMHO,
> of course.
>
>>> user$ ln /etc/passwd ~/.some
>>> root# chown newuser /home/user -R
>>>
>>> This is only common example. And this is a *serious* security bug.
>
> It's a common example of sysadmin luserness. Not a security bug at all.

Don't be so arrogant. You show your own luserness below.
Lots of us humans have that problem. Arrogance won't help
you keep your system secure.

>> No. You just need other tool than chown, you need tool that changes
>> uid->uid. And you run it as chown -from olduser -to newuser -R /,
>> which looks for all files owned by olduser and makes newuser own
>> them. Just go ahead and write this tool. (And mail me a copy ;-). (I
>> would also appreciate option to delete such files).
>
> Try something a bit like one of the following:
>
> find / -user 1234 -print | xargs chown 4321
> find / -user 1234 -print | xargs rm
> find / -user 1234 -exec chown 4321 {} \;
> find / -user 1234 -exec rm {} \;

Alright now, how many people would do that? :-)

1. the file is found by "find"
2. the user removes it and makes a link
3. the "chown" command runs

It seems a file starting with "-" could cause trouble too.
Maybe a name like "--follow-symlinks" would be interesting.

Link and symlink restrictions would help protect us from
our luserness. Arrogance has no place in security.
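
An added example, not part of the original message: one way to write the uid-to-uid tool asked for above so that the find/chown window and the "-" filename problem do not apply. The function name `reown` and its return shape are assumptions made for this sketch; it changes ownership through an open descriptor after re-checking the object, and reports anything it refuses to touch.

```python
import os
import stat


def reown(root, old_uid, new_uid):
    """Hand entries below root that old_uid owns to new_uid.

    Returns (changed, skipped) lists of paths.
    """
    changed, skipped = [], []
    # os.fwalk yields a descriptor for each directory it visits, so every name
    # is resolved relative to that directory and never re-parsed from "/".
    for dirpath, dirs, files, dirfd in os.fwalk(root, follow_symlinks=False):
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            try:
                pre = os.stat(name, dir_fd=dirfd, follow_symlinks=False)
            except OSError:
                continue  # vanished since the directory was listed
            if pre.st_uid != old_uid:
                continue
            # Only open regular files and directories: opening a device node
            # or FIFO can have side effects. Symlinks are left alone.
            if not (stat.S_ISREG(pre.st_mode) or stat.S_ISDIR(pre.st_mode)):
                skipped.append(path)
                continue
            try:
                fd = os.open(name, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK,
                             dir_fd=dirfd)
            except OSError:
                skipped.append(path)  # swapped for a symlink, or unreadable
                continue
            try:
                st = os.fstat(fd)  # describes the object that was really opened
                same = (st.st_dev, st.st_ino) == (pre.st_dev, pre.st_ino)
                extra_link = stat.S_ISREG(st.st_mode) and st.st_nlink > 1
                if not same or st.st_uid != old_uid or extra_link:
                    skipped.append(path)  # replaced mid-run, or hard-linked
                    continue
                os.fchown(fd, new_uid, -1)  # acts on the inode, not on a name
                changed.append(path)
            finally:
                os.close(fd)
    return changed, skipped
```

Filenames are passed to system calls as data here, so a name such as "--follow-symlinks" is never parsed as an option. The skipped list is for the administrator to inspect by hand, since a hard-linked file can be legitimate.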