Re: fsync on large files

Linus Torvalds (torvalds@transmeta.com)
Wed, 17 Feb 1999 23:22:10 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Linus Torvalds: "Re: fsync on large files"
Previous message: G Jalaja Devi: "Re: Linux Kernel Device Driver"
In reply to: Mark Harburn: "Re: inodes + strobe + unusable system (tested)"

On Thu, 18 Feb 1999, David Luyer wrote:
>
> If Linux ever supports hardlinked directories, I really hope there's some way
> to prevent them. That's one of the reasons for the .. sanity check I thought.
>
> Now:
> * attacker discovers a directory temporarily open (bad permissions)
> * attacker hardlinks to some of the files in there
> * the security checker notices the link count increase

Sure.

> The future:
> * attacker discovers a directory temporarily open (bad permissions)
> * attacker hardlinks to a subdirectory in it
> * you need yet another security check to check the link count on directories
> matches the number of real files in it, and the check has to watch for
> modifications as it is checking, etc, etc

Not really.

The future:
* you need another security check that checks that the link count on the
directory is 1.

If you don't have a ".." entry, the link count for directories is always
1, except if you have hard links - exactly the way it works for normal
files.

Note that there are many unix tools that know about the directory link
counts, but they also know about ignoring it too - because there are
already many filesystems that do not have the standard unix link count
behaviour.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: fsync on large files"
Previous message: G Jalaja Devi: "Re: Linux Kernel Device Driver"
In reply to: Mark Harburn: "Re: inodes + strobe + unusable system (tested)"