Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site stat-l
Path: utzoo!watmath!clyde!burl!ulysses!mhuxj!cbosgd!ihnp4!inuxc!pur-ee!CS-Mordred!Pucc-H:Pucc-I:Stat-L:acu
From: acu@stat-l (Shoe)
Newsgroups: net.bugs.4bsd
Subject: Symbolic Links VS. Security
Message-ID: <150@stat-l>
Date: Sat, 29-Sep-84 16:38:49 EDT
Article-I.D.: stat-l.150
Posted: Sat Sep 29 16:38:49 1984
Date-Received: Mon, 1-Oct-84 03:49:28 EDT
References: <442@unmvax.UUCP> <159@utecfa.UUCP>
Distribution: net
Organization: Purdue University Computing Center
Lines: 15

I think a serious oversight by Berkeley when adding symbolic links was
the failure to add a sys call (or library routine) that resolves an
arbitrary path into a path guaranteed to be free from symbolic links.
(No, this is not trivial to do with readlink).

This would be especially useful when you have to back up to check the
permissions of a file's parent directory. Access is just not flexible
enough.

-- 
Mark Shoemaker					/dev/shoe
...!pur-ee!pucc-k:acu				mas@purdue

The way to do is to be.
	-- Lao Tzu