symlink.7: Minor fixes to Aleksa Sarai's patch

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2020-06-19 14:54:27 +02:00
parent 41e240557f
commit 04ce17bdba
1 changed files with 15 additions and 9 deletions

@ -84,21 +84,26 @@ as they are implemented on Linux and other systems,
are outlined here.
It is important that site-local applications also conform to these rules,
so that the user interface can be as consistent as possible.
.SS Magic-links
There is a special class of symlink-like objects known as "magic-links" which
can be found in certain pseudo-filesystems such as
.\"
.SS Magic links
There is a special class of symbolic-link-like objects
known as "magic links", which
can be found in certain pseudofilesystems such as
.BR proc (5)
(examples include
.IR /proc/[pid]/exe " and " /proc/[pid]/fd/* .)
Unlike normal symlinks, magic-links are not resolved through
.IR /proc/[pid]/exe " and " /proc/[pid]/fd/* ).
Unlike normal symbolic links, magic links are not resolved through
pathname-expansion, but instead act as direct references to the kernel's own
representation of a file handle. As such, these magic-links allow users to
representation of a file handle.
As such, these magic links allow users to
access files which cannot be referenced with normal paths (such as unlinked
files still referenced by a running program.)
files still referenced by a running program ).
.PP
Because they can bypass ordinary
.BR mount_namespaces (7)-based
restrictions, magic-links have been used as attack vectors in various exploits.
restrictions,
magic links have been used as attack vectors in various exploits.
.\"
.SS Symbolic link ownership, permissions, and timestamps
The owner and group of an existing symbolic link can be changed
using
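Review bot: the replacement line "files still referenced by a running program )." has a stray space before the closing parenthesis, and because this is running text rather than a macro argument it will render as "program )." in the formatted page. The space in "/proc/[pid]/fd/* )." a few lines up is fine, since .IR joins its arguments, but here it should read "program)." As a smaller style point, the unchanged "pathname-expansion" keeps its hyphen while this hunk removes the hyphens from "magic-links" and "pseudo-filesystems", so it could be normalized in the same pass.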
@ -119,7 +124,8 @@ On Linux, the permissions of an ordinary symbolic link are not used in any
operations; the permissions are always 0777 (read, write, and execute for all
user categories), and can't be changed.
.PP
However, magic-links do not follow this rule. They can have a non-0777 mode,
However, magic links do not follow this rule.
They can have a non-0777 mode,
though this mode is not currently used in any permission checks.
.\"
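Review bot: the closing sentence "though this mode is not currently used in any permission checks." is time-relative with no kernel version attached, so a reader cannot tell which kernels it describes once the page has aged. Since this hunk already rewraps the paragraph, consider anchoring the statement to the kernel version it was checked against, or dropping "currently" and describing the behaviour without a time reference.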