Old 09-18-2006, 11:36 AM   #1
halfpower
Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 241

Rep: Reputation: 31
Soft Link on HTTP Server is lrwxrwxrwx


I made a soft link in a directory readable by any web browser. The link has the permissions lrwxrwxrwx. I'm not worried about the r's or the x's, but I'm concerned about that w. Does the w not mean that the link is world writable? Could it be rewritten by someone to point to something I don't want them to have access to?
 
Old 09-18-2006, 04:32 PM   #2
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
See this,

With root rights.. I do..
Code:
#ln -s /root/ /home/usera/stupidity

#ls -l /home/usera
lrwxrwxrwx  1 root  root   6 Sep 19 02:52 stupidity -> /root/
While I log on to usera & try to do
#ls -l /home/usera/
lrwxrwxrwx 1 root root 6 Sep 19 02:52 stupidity -> /root/

But when i try to
#ls -l /home/usera/stupidity
I get PERMISSION DENIED. Ma box says a

Whereas the symbolic link file still has rwx rights for others & hence I can do
#rm -f /home/usera/stupidity , though this doesn't mean that usera can delete my whole root directory subsystem, as it will only delete the symbolic link & nothing else.

Hope this would have clarified your queries.
 
Old 09-19-2006, 09:20 AM   #3
halfpower
Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 241

Original Poster
Rep: Reputation: 31
Let's say the userA issues the command

#ln -s /home/userA/lucky /home/userA/stupidity

Then userB logs in. Could userB then issue the command

#ln -s /home/userC/mail /home/userA/stupidity

???
 
Old 09-19-2006, 09:29 AM   #4
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by halfpower
Let's say the userA issues the command

#ln -s /home/userA/lucky /home/userA/stupidity

Then userB logs in. Could userB then issue the command

#ln -s /home/userC/mail /home/userA/stupidity

???
No, as userC wouldn't have executable rights & hence can't go in /home/userC & hence can't run the command you have asked for.

ls -l /home will answer your query easily. No user can even browse others' home directories & hence they can't do any linking further in others' homes. (I assume that you are having default rights/permissions at user's HOME)
 
Old 09-19-2006, 11:19 AM   #5
halfpower
Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 241

Original Poster
Rep: Reputation: 31
There are some environments where everyone's user directory is readable to all other users by default. There are also other environments where a portion of a user's home directory is readable to any person that can access http servers on the web. It was really the latter environment that I had in mind.
 
Old 09-19-2006, 12:55 PM   #6
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by halfpower
There are some environments where everyone's user directory is readable to all other users by default. There are also other environments where a portion of a user's home directory is readable to any person that can access http servers on the web. It was really the latter environment that I had in mind.
I am sorry, I didn't take that into consideration.

Quote:
Originally Posted by halfpower
Let's say the userA issues the command

#ln -s /home/userA/lucky /home/userA/stupidity

Then userB logs in. Could userB then issue the command

#ln -s /home/userC/mail /home/userA/stupidity
???
ln can't overwrite any link if you haven't provided the "-f" handle with the ln command. So if you run the above command with the -f handle, i.e. #ln -s /home/userC/mail /home/userA/stupidity -f, yes, it will override the existing symlink created by the other user. But rest assured that we are not changing the contents of the file it is pointing at. It's like updating the symbolic link with another destination now. And hence YES, you can modify the symbolic link at any time, with any user, because of its default permission of all 7 (if you can read & cd into the directory containing the link).
 
Old 09-19-2006, 10:37 PM   #7
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
To set the record straight, the Linux kernel does not check permissions on symlinks, but rather the object to which they point. Otherwise, symlinks would pose a huge security hole (normal users could create a writable symlink pointing to a root-owned file like /etc/passwd and then edit it).
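
An audit sketch for the web-served case raised in this thread, added here as an example and not posted by any participant. Because the kernel ignores a symlink's own lrwxrwxrwx bits, the two things worth checking are where each link resolves and whether the directory holding it is writable by others, since write permission on that directory is what allows a link to be removed or replaced. The function names `audit_symlinks` and `demo` and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). For each symlink under a served
# directory, print: link path, whether it resolves inside or outside the
# served tree, and how writable the directory that contains it is.
# Assumes file names without embedded newlines.
audit_symlinks() {
    root=$(cd "$1" && pwd -P) || return 2        # canonical served root
    find "$root" -type l | while IFS= read -r link; do
        parent=$(dirname "$link")
        target=$(readlink -f "$link" 2>/dev/null) # canonical destination
        case "$target" in
            "")                 where=unresolved ;;
            "$root"|"$root"/*)  where=inside ;;
            *)                  where=outside ;;
        esac
        # Read the parent's mode string from ls: position 9 is other-write,
        # position 6 is group-write. The link's own mode is never consulted.
        case "$(ls -ld "$parent")" in
            d???????w*) dirperm=world-writable ;;
            d????w*)    dirperm=group-writable ;;
            *)          dirperm=owner-only ;;
        esac
        printf '%s\t%s\t%s\n' "$link" "$where" "$dirperm"
    done
}

# Constructed sample tree: one harmless link in a 755 directory and one
# link that leaves the served tree from a 777 directory.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/docroot/pub" "$t/docroot/shared"
    echo hello  > "$t/docroot/index.html"
    echo secret > "$t/secret.txt"
    chmod 755 "$t/docroot/pub"
    chmod 777 "$t/docroot/shared"
    ln -s ../index.html   "$t/docroot/pub/ok"
    ln -s "$t/secret.txt" "$t/docroot/shared/leak"
    audit_symlinks "$t/docroot"
    rm -rf "$t"
}

demo
```

Both links show lrwxrwxrwx in `ls -l`, yet only the one in the 777 directory is reported as sitting in a world-writable location.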
 
  

