Qual sistema você está executando? No Linux, esse comportamento é configurável, através de /proc/sys/fs/protected_hardlinks
(ou sysctl fs.protected_hardlinks
).
O comportamento é descrito em proc(5)
:
/proc/sys/fs/protected_hardlinks
(since Linux 3.6)
When the value in this file is 0, no restrictions are placed on the creation of hard links (i.e., this is the historical behavior before Linux 3.6). When the value in this file is 1, a hard link can be created to a target file only if one of the following conditions is true:
- The calling process has the CAP_FOWNER capability ...
- The filesystem UID of the process creating the link matches the owner (UID) of the target file ...
- All of the following conditions are true:
- the target is a regular file;
- the target file does not have its set-user-ID mode bit enabled;
- the target file does not have both its set-group-ID and group-executable mode bits enabled; and
- the caller has permission to read and write the target file (either via the file's permissions mask or because it has suitable capabilities).
E a justificativa para isso deve ficar clara:
The default value in this file is 0. Setting the value to 1 prevents a longstanding class of security issues caused by hard-link-based time-of-check, time-of-use races, most commonly seen in world-writable directories such as /tmp.
Nos sistemas Debian, protected_hardlinks
e protected_symlinks
padrão são iguais a um, então fazer um link sem acesso de gravação ao arquivo não funciona:
$ ls -ld . ./foo
drwxrwxr-x 2 root itvirta 4096 Jul 11 16:43 ./
-rw-r--r-- 1 root root 4 Jul 11 16:43 ./foo
$ mv foo bar
$ ln bar bar2
ln: failed to create hard link 'bar2' => 'bar': Operation not permitted
A definição de protected_hardlinks
para zero elimina a restrição:
# echo 0 > /proc/sys/fs/protected_hardlinks
$ ln bar bar2
$ ls -l bar bar2
-rw-r--r-- 2 root root 4 Jul 11 16:43 bar
-rw-r--r-- 2 root root 4 Jul 11 16:43 bar2