On 13.08.2013 12:29, Paul Slootman wrote: > On Tue 13 Aug 2013, Matthias Schniedermeyer wrote: > > On 13.08.2013 09:52, Paul Slootman wrote: > > My mistake for assuming that people run current linux kernels... > > /proc/sys/fs/protected_hardlinks (since Linux 3.6) > When the value in this file is 0, no restrictions are placed on > the creation of hard links (i.e., this is the historical behav??? > iour before Linux 3.6). When the value in this file is 1, a > hard link can be created to a target file only if one of the > following conditions is true: > > I would suggest that upgrading the kernel is a better solution for the > OP than patching rsync. If your backup strategy involves backuping up > files as root to a medium that is readable by everyone so that the link > in the user's home directory is restorable as the user, then there are > more problems waiting to happen besides this...
The kernel-option is more for the reason of "least surprise" than anything. Most find it unexpected that you can hardlink anything you can reach. BUT there is no direct vulnerability in that, only processes after that (like backup/rsync) can make a vulnerability out of it. IOW hardlinking everything doesn't immediatly create a problem, it's when you do something else that is "unsafe" that results in the hardlinks beeing a problem. Best example would be backup/restore where the restore blindly overwrites files (like rsync --inplace), that would restore the hardlinked original back the the earlier version, instead of a seperate file that contains the earlier version. I'm assumg that the backup/restore processes runs as root, so has actually permission to do that. -- Matthias -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
