On Mon, Apr 08, 2002 at 02:49:15PM -0500, Dan Nelson wrote:
> .. or even if isn't, as someone might link it just before you delete
> it. An attacker can still exhaust your inode quota with 0-length
> files.
>
> I wonder if there is any reason to allow arbitrary hardlinking; maybe
> only allow linking of files you currently have read access to? Only
> files that you own? Only allow root to hardlink? How paranoid do you
> want to be? :) It could always be another sysctl knob.
I once wrote a patch to stop people making hardlinks to a file
unless they were root or the file's owner. I ran with it for a bit
and never noticed it being triggered.
It probably should be a filesystem mount option, but we're out of
them until the new mount code comes into use.
David.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
