Question about linking restriction option
Posted: Tue Dec 23, 2003 5:26 amA little question about linking restriction option. This option doesn't allow to follow symlinks which were created in /tmp (owned by root) by another users (and by processes with effective uid and gid different then root).
It's a good.
But if a user created a ordinary file in /tmp (it possible) with same name as used by users (processes) and then created a symlink in his home directory which lead to this file - this allows to steal information which written by other users (processes), isn't it? Or knowing how to work these processes (source code present - only time are needed) write a c-program which creates a socket with name as used by these processes and steal information.
I suppose that the aim of this option is prevent from destructive actions of users against system. So it's a problem of writing a correct programs (with unique file names in /tmp in this instance). If a program written badly so there are a lot of way to abandon this option.
So question: is this option real needed if exist another ways (easy enough) to get what is wanted?
Sorry for bad English
It's a good.
But if a user created a ordinary file in /tmp (it possible) with same name as used by users (processes) and then created a symlink in his home directory which lead to this file - this allows to steal information which written by other users (processes), isn't it? Or knowing how to work these processes (source code present - only time are needed) write a c-program which creates a socket with name as used by these processes and steal information.
I suppose that the aim of this option is prevent from destructive actions of users against system. So it's a problem of writing a correct programs (with unique file names in /tmp in this instance). If a program written badly so there are a lot of way to abandon this option.
So question: is this option real needed if exist another ways (easy enough) to get what is wanted?
Sorry for bad English