16.2 Soft Links

Although NCP Server for Linux provides limited support for hardlinks, soft links are intentionally not supported. The following soft link features can be exploited to create security problems where users can give themselves access to subdirectories where they have no rights:

  • The Linux POSIX permissions set on the soft link do not need to match the permissions set on the source file or directory.

  • The soft link and source file are not restricted to paths on the same volume and file system.

  • Soft links can link to files or directories.

  • The name of the soft link does not need to match the name of the source file.

For example, directories on an NCP volume on Linux file systems can have different inherited rights, so the link can have different effective rights than the source. Security breaches can occur if someone accidentally creates a soft link to a sensitive area of the system, such as the /etc directory. A hacker can exploit the system by creating a soft link to a password file, then overwriting its contents. Soft links can cause security problems for programs that fail to consider the possibility that the file being opened may actually be a link to a different file. This is especially dangerous when the vulnerable program is running with elevated privileges.