Follow-up Comment #5, bug #13853 (project mhonarc):
Possible fixes that can be applied:
1 Add a FOLLOWSYMLINKS resource that tells mhonarc to leave
symlinks alone. This would have to be explicitly enabled.
2 Check the user ID of the symlink to see if it matches the
pid of the mhonarc process. If so leave symlink alone.
3 Along with the previous check, check if the symlink uid
matches the uid of the containing directory. If they match,
leave it alone. With the previous check, both would have
to pass to leave the symlink alone.
(2) and (3) may be sufficient for security reasons and avoid
the need for FOLLOWSYMLINKS, except for certain use cases.
I.e. All of the above can be done, with (2) and (3) added as
the default and (1) only done when explicitly enabled. (1)
would bypass any ID checks.
Thoughts?
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/bugs/?func=detailitem&item_id=13853>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV
