Re: lynx-dev Re: who owns what
From: Philip Webb
Subject: Re: lynx-dev Re: who owns what
Date: Sat, 10 Oct 1998 11:57:34 -0400 (EDT)
981010 Larry Virden wrote:
> $ id
> uid=203(lwv26) gid=288(dept26)
> $ ls -l /tmp/not-there /tmp/l-not-there
> ls: /tmp/not-there: No such file or directory
> ls: /tmp/l-not-there: No such file or directory
> $ ln -s /tmp/not-there /tmp/l-not-there
> $ ls -l /tmp/not-there /tmp/l-not-there
> ls: /tmp/not-there: No such file or directory
> lrwxrwxrwx 1 lwv26 dept26 14 Oct 10 09:59 /tmp/l-not-there -> /tmp/not-there
> $ ls -l /etc/passwd /tmp/l-passwd
> -rw-r--r-- 1 root sys 501 Oct 10 01:43 /etc/passwd
> ls: /tmp/l-passwd: No such file or directory
> $ ln -s /etc/passwd /tmp/l-passwd
> $ ls -l /etc/passwd /tmp/l-passwd
> -rw-r--r-- 1 root sys 501 Oct 10 01:43 /etc/passwd
> lrwxrwxrwx 1 lwv26 dept26 11 Oct 10 10:00 /tmp/l-passwd -> /etc/passwd
>
> Bela is saying nothing but the truth
> with regard to BSD and System V.4 based systems with symlinks.
your commands & output reproduce here at CHASS, except the last 2 lines,
where the permissions are -r--r--r-- & lrwx------ ;
of course, they say `purslow user' a/a `lwv26 dept26';
i can also link to a non-existent file in a colleague's home directory
(the system refuses to delete any item not under my home directory,
but i assume it will zap the 2 /tmp files soon enough ... ).
i did not doubt BL's word re what you may be able to do with symlinks,
but it's not clear the security problem he describes could occur at CHASS.
suppose i have a file /homes/purslow/vital
& Enemy creates a symlink to it called /tmp/dagger :
on CHASS the latter will have the permission lrwx------ ,
i.e. only Enemy can (over)write /tmp/dagger -> /homes/purslow/vital ,
but no-one else, incl. me running Lynx.
further, Enemy's write permission for /tmp/dagger can't allow him
to overwrite just ANY file out there he chooses to link it to:
it's a danger ONLY if he can delude ME into doing it for him,
e.g. by running a suitable version of Lynx (or some other program),
but here on CHASS, that's impossible, since the system will choke
when Lynx asks it to allow me to write Enemy's /tmp/dagger :
"You don't got permission, see: lrwx------ ".
so no sir, i don't need your E-Wiz(TM) super-excluder force field,
i already have a perfectly good steel door with a deadlock ...
--
========================,,============================================
SUPPORT ___________//___, Philip Webb : address@hidden
ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies
TRANSIT `-O----------O---' University of Toronto
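The two situations Larry's transcript sets up (a link to an existing file, and a dangling link to a name that does not exist yet) can be tried end to end on any POSIX system. The program below is an added example written for this page; it is not code from the thread, from Lynx, or from any of the posters. It plays both parties as the same user in a private scratch directory under /tmp (an assumption: that directory must be writable), creates the victim's "vital" file, creates the attacker's "dagger" and "l-not-there" links, and then opens each link the way an unhardened program would, followed by the way a hardened one should. The names vital, dagger, not-there and l-not-there are taken from the thread; the function names are this example's own.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write a small file with the given extra open(2) flags. Returns 0 on success. */
static int put_file(const char *path, const char *data, int flags)
{
    int fd = open(path, O_WRONLY | flags, 0600);
    if (fd < 0) return -1;
    size_t len = strlen(data);
    ssize_t n = write(fd, data, len);
    close(fd);
    return (n == (ssize_t)len) ? 0 : -1;
}

/* What an unhardened program does with a name it was handed: open it for
 * writing, creating it if absent. The kernel resolves a symlink at the final
 * component and never consults the link's own mode bits, so the write lands
 * on the target (or creates the target if the link dangles). */
int naive_create(const char *path, const char *data)
{
    return put_file(path, data, O_CREAT | O_TRUNC);
}

/* Hardened variant: O_EXCL refuses any existing name, including a symlink
 * (even a dangling one), and O_NOFOLLOW refuses to resolve a symlink at the
 * final component. Returns 0 on success, otherwise the errno it hit. */
int safe_create(const char *path, const char *data)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return errno;
    size_t len = strlen(data);
    ssize_t n = write(fd, data, len);
    close(fd);
    return (n == (ssize_t)len) ? 0 : EIO;
}

/* Read back up to len-1 bytes; returns -1 if the file cannot be opened. */
int read_small(const char *path, char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, len - 1);
    close(fd);
    if (n < 0) return -1;
    buf[n] = '\0';
    return (int)n;
}

/* Run both scenarios from the thread inside scratch directory `dir`
 * (assumed to exist and be writable) and report what happened as a bit mask:
 *   1  "vital" was overwritten through the symlink "dagger"
 *   2  the dangling link "l-not-there" made naive_create create "not-there"
 *   4  safe_create refused "dagger"
 *   8  safe_create refused "l-not-there"
 * Returns -1 if the scratch files could not be set up. */
int run_demo(const char *dir)
{
    char vital[512], dagger[512], missing[512], dlink[512], buf[64];
    snprintf(vital,   sizeof vital,   "%s/vital", dir);
    snprintf(dagger,  sizeof dagger,  "%s/dagger", dir);
    snprintf(missing, sizeof missing, "%s/not-there", dir);
    snprintf(dlink,   sizeof dlink,   "%s/l-not-there", dir);

    /* Victim's file, then the two attacker-created links. */
    if (put_file(vital, "secret\n", O_CREAT | O_TRUNC) != 0) return -1;
    if (symlink(vital, dagger) != 0) return -1;
    if (symlink(missing, dlink) != 0) return -1;

    int result = 0;
    /* Scenario 1: the victim's program writes to the link that points at vital. */
    naive_create(dagger, "clobbered\n");
    if (read_small(vital, buf, sizeof buf) > 0 && strcmp(buf, "clobbered\n") == 0)
        result |= 1;
    /* Scenario 2: writing to a dangling link creates the target name. */
    naive_create(dlink, "planted\n");
    if (read_small(missing, buf, sizeof buf) > 0) result |= 2;
    /* The hardened open refuses both links. */
    if (safe_create(dagger, "x\n") != 0) result |= 4;
    if (safe_create(dlink, "x\n") != 0) result |= 8;
    return result;
}

int main(void)
{
    char tmpl[] = "/tmp/symlink-demo.XXXXXX";   /* scratch dir, assumed creatable */
    if (mkdtemp(tmpl) == NULL) { perror("mkdtemp"); return 1; }
    int r = run_demo(tmpl);
    printf("result mask = %d (15 means every listed effect occurred)\n", r);
    return r == 15 ? 0 : 1;
}
```

Compile with `cc -o symlink-demo symlink-demo.c` and run it as an ordinary user. The mode bits shown by `ls -l` on a symlink (whether `lrwxrwxrwx` or `lrwx------`) are not checked when the link is followed; what decides whether the write succeeds is the permission on the target, which in the thread's scenario is the victim's own file. Two caveats: O_NOFOLLOW only protects the final path component, so a symlinked directory earlier in the path is still followed; and on Linux with `fs.protected_symlinks=1` the kernel refuses to follow a link in a world-writable sticky directory such as /tmp when the link's owner is neither the follower nor the directory owner, which is the mitigation a modern system adds for exactly this case. This demo creates link and file as the same user in a private subdirectory, so that sysctl does not change its result.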