Call for review: restricted hardlinks.
--BVXm2WAry1WzRMtx
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi.
I've no response from so@ in this topic, probably because leak of time,
so I'll try here.
Here is a patch that I'm planing to commit:
http://people.freebsd.org/~pjd/patches/restricted_hardlinks.patch
It adds two new sysctls:
security.bsd.hardlink_check_uid
security.bsd.hardlink_check_gid
If sysctl security.bsd.hardlink_check_uid is set to 1, unprivileged users
are not permitted to create hard links to files not owned by them.
If sysctl security.bsd.hardlink_check_gid is set to 1, unprivileged users
are not permitted to create hard links to files if they are not member
of file's group.
For now user is able to create hardlinks to any files.
--=20
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd@FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
--BVXm2WAry1WzRMtx
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFATD6qForvXbEpPzQRAiTaAKCfMXA2A16hSpkekHEVorj7V+p7GACeMUyt
KwUJryIp77pUS/B87rmDEwA=
=vl8P
-----END PGP SIGNATURE-----
--BVXm2WAry1WzRMtx--
討論串 (同標題文章)
完整討論串 (本文為第 1 之 8 篇):