*BSD News Article 46445


Return to BSD News archive

Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!zombie.ncsc.mil!news.mathworks.com!europa.chnt.gtegsc.com!news.sprintlink.net!news.wwa.com!not-for-mail
From: dattier@miso.wwa.com (David W. Tamkin)
Newsgroups: comp.unix.bsd.bsdi.misc
Subject: logic of symlink ownership rule?
Date: 5 Jul 1995 13:23:04 -0500
Organization: The Internet Provider Formerly Known as Gagme, now
		World-Wide Access, Chicago, Illinois  60606
Lines: 39
Message-ID: <3tela8$g3n@miso.wwa.com>
NNTP-Posting-Host: miso.wwa.com

Would someone please explain the logic to me that a symlink created under
BSDI 2.0 is owned by the owner of the directory it resides in?

One of the basic underpinnings of BSD, one that BSDI clings to steadfastly,
is that only root can use chown; if you create a file, it is yours and you
can't give it away to bloat up someone else's quota.  Yet if you make a such
a symlink, BSDI goes in the opposite direction and gives it away to someone
who didn't create it.

When directories are publicly writable -- such as /var/mail or /tmp --
usually these directories are sticky so that one user can't unlink another
user's files there.

If you make a plain file or a subdirectory in a publicly writable directory,
it's yours, all yours, and even if the (parent) directory is sticky you're
perfectly capable or unlinking it when you're done with it.  Since only
root has chown privileges, you can't transfer ownership of the file or
subdirectory to the owner of the (parent) directory; it's yours to keep.

But if you create a symlink in a publicly writable directory, it belongs to
the owner of the directory.  If the directory is sticky, as it usually is,
the creator of the symlink can't rm it when he or she is done with it.

If you have an existing symlink that you own, even if it's on the same
filesystem as the directory where you can write but which you don't own,
and you mv the symlink into that directory, BSDI 2.0 chowns it to the owner
of the directory, so there's no way around it.  I'm told that root can't
chown the symlink to its creator either; of course root can rm it when the
creator no longer needs it, and I imagine that the owner of the directory
can rm it as well (in my experiences root has owned the publicly writable
directories where I've run into this), but the creator has to say "I'm done
now; please rm the symlink" to one of them.

I hear that BSDI says this is a feature.  Well, why?  What is good about it
at all, let alone worth intentionally coding in?

Would someone please explain the logic?  Maybe it is a good thing after all,
but I don't understand it.  Thank you.