16.3 Hard Links

NCP Server supports hardlinks for a file on an NCP volume (NCP share on a non-NSS file system) if the destination location for the hardlink is on the same NCP volume as the source file, and any of the following conditions is met:

  • If the user is supervisor equivalent of the NCP volume, or

  • If the user is the owner of the file, or

  • If the "Other" Read/Write mode bits are set on the file on the non-NSS file system.

Other users are unable to open hard-linked files. This is because of a hard-link security problem where users can give themselves write access to files where they should only have read access.

For example, a user has world-readable access to /etc/fileA. The user creates a hardlink to /etc/fileA and specifies a destination for the link to be a directory on the same file system where the user has read/write access, such as the user's home directory. The user now has granted himself read/write access to fileA.

NCP Server supports hardlinks for a file on an NSS volume if the destination location for the hardlink is on the same NSS volume as the source file, and any of the following conditions is met:

  • If the user is supervisor equivalent of the NSS volume, or

  • If the user is the owner of the file.

In addition, the Hardlinks attribute must be enabled for the NSS volume to allow hardlinks support. The hardlinks can be in the same directory or in multiple directories in the same NSS volume. When hardlinks are used, the volume's users must be enabled with Linux User Management. The NSS file system is designed to provide secure support for hardlinks on NSS volumes. For information about how the hardlinks on an NSS volume work with file ownership, trustees, trustee rights, and inherited rights, see Understanding Hard Links in the OES 2018 SP1: NSS File System Administration Guide for Linux.