Fwd: Re: need help with an rsync patch

Matthias Schniedermeyer ms at citd.de
Tue Aug 13 06:06:09 MDT 2013

On 13.08.2013 13:17, Paul Slootman wrote:
> On Tue 13 Aug 2013, Matthias Schniedermeyer wrote:
> > That aside that's not what i meant.
> That's the problem with one-word answers, people have to guess what you
> mean.
> > Hardlinking a file doesn't change it's owner/group/permission 
> > (All Hardlinks have the same user/group/permissions).
> I never said that.

You implied that by your assertion that you suddenly can read a file 
after hardlinking it.

> I said that if a hardlink can be made (and I meant on a modern linux
> kernel, with default settings) then the user already has permissions to
> do anything with the file. I forgot already about the old semantics :)

Did you read what i just wrote?

You can't do anything more to the file than before you hardlinked it. 
(Except rename the hardlink, but that's because you have permission to 
the directory and not the file itself. That is also the reason why you 
can delete the hardlink (But not the original file))

So if you can read the shadow-file after you hardlink it, you are able 
to read the original file.

If you can read the file after backup/restore (Case the OP described), 
then the vulnerability isn't the hardlink itself it's the backup/restore 
that didn't store/restored the correct owner/group/permissions. The 
backup could even "rewind" the shadow-file, if it overwrites the file 
instead of creating a temporary file and renameing it. With rsync 
'--inplace' you could rewind any file which hardlinks to something else, 
when restored.



More information about the rsync mailing list