[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: mkdir when target exists and is a broken symlink
From: |
Avis, Ed |
Subject: |
RE: mkdir when target exists and is a broken symlink |
Date: |
Fri, 20 May 2005 18:49:38 +0100 |
Paul Eggert wrote:
>>There could be some kind of -f, --follow option so that mkdir will
>>create the directory pointed to.
>
>There is a potential security problem there, if the symbolic link
>is in a directory writable by an attacker.
I don't agree that this is a security problem, since mkdir is doing
exactly what you asked it to. But anyway,
>>Is this a sensible thing to put in mkdir or is there some
>>existing Unix idiom that does what I want?
>
>Not in POSIX/Unix, but in coreutils 5.3.0 and later: either "mkdir -p
>$(readlink -f file)" or "mkdir -p $(readlink -m file)", depending on
>the exact semantics that you want.
Yes, that would do the trick.
>>I note that 'touch foo' when foo is a broken symlink will create the
>>link destination if possible (though without making any directories,
>>obviously).
>
>POSIX requires this, but it is arguably a misfeature, due to the
>security issues mentioned.
I still don't understand how this is a security issue any more than the
whole concept of symbolic links is a security issue.
I'll wait for a newer coreutils release, and instead of using 'mkdir -p'
as the standard way of trying hard to make a directory, use instead
'mkdir -p `readlink -f`'.
--
Ed Avis <address@hidden>