[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Anyone can modify the modification time of a symbolic link owned by
From: |
Pádraig Brady |
Subject: |
Re: Anyone can modify the modification time of a symbolic link owned by root |
Date: |
Wed, 14 Apr 2021 20:24:48 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:84.0) Gecko/20100101 Thunderbird/84.0 |
On 14/04/2021 19:08, develop@nobes.com wrote:
As a regular user I am able to update the modification time of symbolic links
that are owned by root.
Is this intentional? Other than making the device read only is there any other
way to prevent this?
I realize that using the command "ls -l" shows up as all users having write
permissions on the symbolic link. Just wondering what the reasoning is to allow any user
to change the modification time. It would seem to be more logical if only the owner
(group?) could change the modification time.
You are correct:
$ strace -e utimensat touch -h /bin
utimensat(AT_FDCWD, "/bin", NULL, AT_SYMLINK_NOFOLLOW) = 0
However enforcement would need to be done in the kernel,
so this is more a kernel question.
Related to this is how perms on symlinks are handled.
There was some previous discussion of that at:
https://lists.gnu.org/archive/html/bug-coreutils/2009-09/msg00268.html
Also I saw mention that NetBSD may have a symperm mount option
to honor permissions for symlinks.
cheers,
Pádraig