Re: mkdir when target exists and is a broken symlink
From: Paul Eggert
Subject: Re: mkdir when target exists and is a broken symlink
Date: Fri, 20 May 2005 13:37:19 -0700
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.4 (gnu/linux)

>>POSIX requires this, but it is arguably a misfeature, due to the
>>security issues mentioned.
>
> I still don't understand how this is a security issue any more than the
> whole concept of symbolic links is a security issue.

Yes, that's the problem basically. If you're about to say "touch /tmp/foo"
an attacker can do "ln -s /victim/.newsrc /tmp/foo".

> I'll wait for a newer coreutils release, and instead of using 'mkdir -p'
> as the standard way of trying hard to make a directory, use instead
> 'mkdir -p `readlink -f`'.

Given what you said that you wanted, you might prefer -m instead. And
you might want to quote things (to protect against link expansions
with shell metacharacters), and protect against file names or link
expansions with leading "-". Something like this, perhaps:

    mkdir -p -- "$(readlink -m -- "$file")"
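
The command above applied to a constructed broken symlink whose name begins with "-" and whose expansion contains a space, as an added example that is not part of the original message. The names resolve_and_mkdir and demo are hypothetical, and GNU readlink (for -m) is assumed.

```shell
#!/bin/sh
# Added example, not from the original message.
# Assumes GNU coreutils readlink (the -m option).

# resolve_and_mkdir (hypothetical helper): resolve a path that may be a
# broken symlink, create the directory it points to, print the result.
resolve_and_mkdir() {
    # -m canonicalizes even when the link target does not exist yet.
    # "--" ends option parsing, so a name such as "-p" is taken as a file.
    # The double quotes keep spaces and metacharacters in the expansion
    # from being split or interpreted by the shell.
    target=$(readlink -m -- "$1") || return 1
    mkdir -p -- "$target" || return 1
    printf '%s\n' "$target"
}

# demo: constructed sample input in a private scratch directory.
# Prints the created path relative to the scratch directory.
demo() {
    scratch=$(mktemp -d) || return 1
    # Canonicalize so the prefix strip below matches readlink's output.
    scratch=$(readlink -f -- "$scratch") || return 1
    (
        cd "$scratch" || exit 1
        # Broken symlink named "-p" whose expansion contains a space.
        ln -s -- "new dir/sub" "-p" || exit 1
        made=$(resolve_and_mkdir "-p") || exit 1
        # The formerly broken link must now lead to a directory.
        [ -d "./-p" ] || exit 1
        printf '%s\n' "${made#"$scratch"/}"
    )
    status=$?
    rm -rf -- "$scratch"
    return "$status"
}

demo
```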