[arch-general] Why are CA certifcates writable for every user?
Tomasz Kramkowski
tk at the-tk.com
Sat Feb 7 01:38:54 UTC 2015
On 06/02/15 18:50, "Jérôme M. Berger" wrote:
> Actually, this does not need root. You can even create a symlink to a
> non-existing file if you want. Actually *accessing* the symlink is
> another matter of course.
Yeah, now I think about it, saying that you can delete / move the
symlink based on directory permissions and then saying that you need
root for creation doesn't quite check out. You're right.
Creation, deletion and moving (deletion then creation?) of a symlink is
entirely dependant on the directory it is stored in. But actions like
reading, writing and executing which act on the actual linked file
depend on the permissions of the actual file linked to.
(And it's needless to say that the file permissions of the symlink
itself (777) can be completely ignored.)
--
Tomasz Kramkowski
E-Mail: tk at the-tk.com
PGP: 6FCE87503AAF42AB3BF4 94FE40B037BA0A5B8680
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20150207/d40c83bd/attachment.asc>
More information about the arch-general
mailing list