Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site stat-l Path: utzoo!watmath!clyde!burl!ulysses!mhuxj!cbosgd!ihnp4!inuxc!pur-ee!CS-Mordred!Pucc-H:Pucc-I:Stat-L:acu From: acu@stat-l (Shoe) Newsgroups: net.bugs.4bsd Subject: Symbolic Links VS. Security Message-ID: <150@stat-l> Date: Sat, 29-Sep-84 16:38:49 EDT Article-I.D.: stat-l.150 Posted: Sat Sep 29 16:38:49 1984 Date-Received: Mon, 1-Oct-84 03:49:28 EDT References: <442@unmvax.UUCP> <159@utecfa.UUCP> Distribution: net Organization: Purdue University Computing Center Lines: 15 I think a serious oversight by Berkeley when adding symbolic links was the failure to add a sys call (or library routine) that resolves an arbitrary path into a path guaranteed to be free from symbolic links. (No, this is not trivial to do with readlink). This would be especially useful when you have to back up to check the permissions of a file's parent directory. Access is just not flexible enough. -- Mark Shoemaker /dev/shoe ...!pur-ee!pucc-k:acu mas@purdue The way to do is to be. -- Lao Tzu