Restricting symlinks

x_terminat_or_3 · 09-01-2007, 04:41 PM

Hi all

I have come to a quite shocking discovery (for me at least) that when you create symbolic links, those links are set to 0777 (rwx for all)!

Is there any way that I can change the permissions of the link?

Here is a transcript of my session:

Code:

[kde@earth ~]$ touch test-1.0.0
[kde@earth ~]$ ln -s test-1.0.0 test
[kde@earth ~]$ ls -alh test*
lrwxrwxrwx 1 kde kde 10 2007-09-01 22:39 test -> test-1.0.0
-rw-rw-r-- 1 kde kde  0 2007-09-01 22:39 test-1.0.0
[kde@earth ~]$ chmod 0755 test
[kde@earth ~]$ ls -alh test*
lrwxrwxrwx 1 kde kde 10 2007-09-01 22:39 test -> test-1.0.0
-rwxr-xr-x 1 kde kde  0 2007-09-01 22:39 test-1.0.0

kotnik · 09-01-2007, 04:53 PM

Don't worry. Original file's permissions still apply

x_terminat_or_3 · 09-01-2007, 04:57 PM

I know that, but we use symlinks to restrict our developers from messing with the core files of the system, seeing it is on a production server.

A developer wants to change a file: create copy of currently linked one, make modifications, save with new version name, test,test,test.

Once testing is done, we replace the symbolic link that points to the old version, with one that points to the new one.

The developers only have ftp access and I disabled the SITE_CHMOD command so they cannot change permissions. When they find out that they can delete symbolic links, our system will go down the drain in a matter of days!