On 30/01/2017 01:04, Michael Orlitzky wrote:

> On 01/29/2017 05:30 PM, Alan McKinnon wrote:
>>
>> Good catch with symlinks.
>> I don't see the point about hardlinks, they are just files with 2
>> dentries. When find gets to the second one it's already changed, so no
>> problem.
>>
>
> Any user can create a hard link in its home directory to /etc/shadow, so
> long as (a) they live on the same filesystem, and (b) there are no
> special kernel protections in place to prevent it. If you call chown on
> that hard link, it will change the ownership of /etc/shadow.

That is absolutely not true, at least for the case of classic Unix
filesystems.

Hardlinks are exactly the same thing as regular files. For any given
filesystem object there is a dentry, and that dentry points to an inode.
Usually that is the end of the matter.

When we create hardlinked files all we are doing is creating a new dentry
and pointing it to an inode that is already there. The so-called
"hardlinked" file is a fiction; the instant you do it the new dentry
operates just like any other file and is not even aware of other
dentries pointing to the same inode.

The point being, there is only one inode, and that is where the
ownerships and permissions are. I cannot chmod, chown or chgrp
/etc/shadow because I do not own it, and the kernel will not let me ln
it either:

alan@khamul /alan $ ls -ald /alan/
drwxr-xr-x 2 alan root 4096 Jan 30 16:10 /alan/
alan@khamul /alan $ ln /etc/shadow
ln: failed to create hard link './shadow' => '/etc/shadow': Operation not permitted
alan@khamul /alan $ ls -al /etc/shadow
-rw-r----- 1 root root 1655 Dec 31 14:43 /etc/shadow
alan@khamul /alan $ stat /etc/shadow
File: /etc/shadow
Size: 1655 Blocks: 8 IO Block: 4096 regular file
Device: 815h/2069d Inode: 1188230 Links: 1
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2016-12-31 14:43:29.556174143 +0200
Modify: 2016-12-31 14:43:29.556174143 +0200
Change: 2016-12-31 14:43:29.568174144 +0200
Birth: -

The only thing I can do after hardlinking a file is what I could do before.

> I thought real hard about ways to avoid that and ultimately gave up. The
> only safe way to chown is to "chown away"; that is, switch to the guy
> who owns the files, and then give them to someone else.

This is also not true.

Only root can chown the owner of a file, and a regular user cannot give
files away. The only ownership action a user can do on a file is chgrp,
but only if the user is the owner, and then only to a group the user is
a member of.

-- 
Alan McKinnon
alan.mckinnon@×××××.com
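Added example, not code from either poster: a Python chown walker built around the points argued in this thread, that ownership sits on the inode, that a hard link is just another dentry to that inode, and that a symlink redirects a chown to whatever it points at. It refuses symlinks, special files and regular files with more than one link, only touches entries still owned by the expected previous owner (the "chown away" rule), and re-checks the open O_NOFOLLOW descriptor before fchown so the entry cannot be swapped between the check and the change. Function names are my own, and `demo()` builds a constructed scratch tree under a temporary directory.

```python
import os
import stat
import tempfile

# Return None if `st` (from lstat/fstat, never stat) is safe to chown, else a reason.
def chown_blocker(st, expected_uid):
    if stat.S_ISLNK(st.st_mode):
        return "symlink"            # chown would follow it to an uninspected target
    if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
        return "special file"       # FIFOs, devices, sockets: never open these
    if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
        return "hard-linked inode"  # ownership lives on the inode, shared with other dentries
    if st.st_uid != expected_uid:
        return "unexpected owner"   # "chown away": only move files the old owner holds
    return None

# Walk `root` without following symlinks; chown through an O_NOFOLLOW descriptor and
# re-check the open inode so a swap between lstat and chown cannot redirect it.
def safe_chown_tree(root, expected_uid, new_uid, new_gid):
    results = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            why = chown_blocker(st, expected_uid)
            if why:
                results[path] = "skipped: " + why
                continue
            fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
            try:
                fst = os.fstat(fd)
                if (fst.st_dev, fst.st_ino) != (st.st_dev, st.st_ino) or chown_blocker(fst, expected_uid):
                    results[path] = "skipped: changed underneath us"
                else:
                    os.fchown(fd, new_uid, new_gid)
                    results[path] = "chowned"
            finally:
                os.close(fd)
    return results

# Constructed scratch tree: a plain file, a hard-linked pair and a symlink. Chowning to
# our own uid/gid is allowed for an unprivileged owner, so this runs without root.
def demo():
    d = tempfile.mkdtemp()
    for name in ("plain", "linked"):
        open(os.path.join(d, name), "w").close()
    os.link(os.path.join(d, "linked"), os.path.join(d, "linked2"))
    os.symlink("plain", os.path.join(d, "sym"))
    res = safe_chown_tree(d, os.getuid(), os.getuid(), os.getgid())
    return {os.path.basename(p): v for p, v in res.items()}
```

Running `demo()` chowns only `plain`; both names of the hard-linked inode and the symlink are reported as skipped.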