Hard links to directories: why not?
Aaron Schuman
schuman at sgi.com
Thu Jul 19 03:32:47 AEST 1990
Wiliiam Lewis> In the man entry for ln(1) (and for link(2)),
Wiliiam Lewis> it says that hard links may not be made to directories,
Wiliiam Lewis> unless the linker is the super-user ...
Wiliiam Lewis> My question is: why not?
Wiliiam Lewis> It seems perfectly harmless to me, although
Wiliiam Lewis> it would allow the user to make a pretty convoluted
Wiliiam Lewis> directory structure, that's the user's privilege.
I don't know of any way that an ordinary user could parlay the ability
to make hard links to a directory into obtaining superuser status.
But that is not the only reason why some system calls are restricted.
A foolish user could create loops in the directory structure.
Lots of file system functions depend on the absence of loops in
order to guarantee completion. Some system calls would never return.
Wiliiam Lewis> So I suppose it's probably a security issue somehow
Denial of service is sometimes considered a security issue,
and sometimes considered just a matter of proper administration.
Choose your own taxonomy of admin nightmares.
Aaron
More information about the Comp.unix.wizards
mailing list