Overly restrictive permissions on symbolic links in root directory

[mjw]

I've noticed that the symbolic links in the root directory (/bin, for example) have no read, write or execute permissions. This prevents non-privileged users from sshing into a haiku box because the non-privileged user can not read or execute /bin/sh.

I'd expect the permissions on symlinks to be 0777.

With the attached patch, I can create an unprivileged user that can ssh into the box.

This bug looks similar to #12373, but that bug seems to be talking about different sources of problems.

[mjw]

proposed fix.

[waddlesplash]

Note that you can export patches from Git in a format that will allow us to keep you as the author of the commit: git format-patch <since_ref>, where you can substitute -1 for <since_ref> to export the latest commit in such a format.

Otherwise, patch looks good to me.

[mjw]

Update patch from a git export

[mjw]

Replying to waddlesplash:

Note that you can export patches from Git...

Thanks for the tip. I have uploaded a new patch.

[jessicah]

Shouldn't it be 0755? Besides, most of these paths are read-only with packagefs ;-)

[mjw]

The effective permissions will be the permissions of the directory that the symbolic link is pointing to, so I don't think it makes much sense to limit the permissions on the symbolic links to anything less than 0777.

[jessicah]

Ah, fair enough.

[waddlesplash]

Applied in hrev51182. Thanks!

[axeld]

FWIW the permissions on symlinks seem to be ignored by Linux, but honored by FreeBSD.

[pulkomandy]

It would still make sense to have proper permissions on the symlinks. I'd even use 0555, so that no one can edit them (even if you can't access the target, the permissions on the symlink allow you to delete or rename it, for example). Or at least that is what would make sense with symlink permissions?