> It adds a whole new check to Linux security checkers, and a while new
> incompatibility to mainstream Unix.
>
> Maybe I'm just paranoid. But every little change like this makes me worry.
> (I'm still not happy that ld.so doesn't protect execute-only binaries from
> LD_PRELOADs reading their code pages, and so on... you can't depend on Linux
> enforcing traditional Unix security)
The possibility to hardlink directories is about as old as UNIX itself.
I was actually not pleased at all when first used a ``modern'' UNIX after
the end of my hard V7 times and found that this feature was gone.
So if security scanners can't deal with it they missed more than just one
decade of UNIX ...
The V7 solution for dealing with eventual problems was to make hardlinking
directories a root-only operation, mainly to avoid funny things like
mknod("new-dir", S_IFDIR | 0755, 0);
link("new-dir", "new-dir/..");
Anyway, afaik the reason why later Unices dropped hardlinked directories
was that the semantics of ``..'' were very unobvious and got even more
obscure when the original link was deleted, thus resulting in a single
linked directory with a seemingly wrong parent.
Ralf
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/