on 28/10/2008 18:18 David Schultz said the following:
> On Mon, Oct 27, 2008, Edward Tomasz Napierala wrote:
>> Let's say we have two directories, "A/" and "B/". We also have a
>> file, "A/F". To remove that file, we need write access to "A/".
>> To move that file to "B/", we need write access to both "A/" and
>> "B/". Now, assume we have a directory, "A/D". To remove that
>> directory, we need write access to "A/". To move that directory
>> to "B/", we need write access to "A/", "B/", _and "A/D"_.
>> I'd like to remove the last check (requirement to have write access
>> to a directory we want to move somewhere else). Reason for this
>> is that it doesn't seem very logical, and many systems - including
>> SunOS, and our ZFS - behave differently. In other words, we have
>> different semantics on UFS and ZFS.

> No comment on other operating systems or standards, but I wanted
> to point out that there is some logic to FreeBSD's present behavior:
> When you move A/D, you must be able to write to D, because you are
> modifying D's ".." entry to point to B instead of A.
>>From a practical point of view, I think either behavior is fine,

> but we should consider whether any security-critical applications
> rely on the current behavior before changing it.

Control this check by a sysctl under security.bsd?

Andriy Gapon
freebsd-arch@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"