The UNIX Filesystem API is profoundly broken, and user-settable symbolic links are to blame. In this talk I will explain how CVE-2021-20316 made me realize how symbolic links, introduced in 4.2BSD Unix from U.C. Berkeley, broke the previously elegant UNIX file system API and file system design. The design and implementation of symbolic links has caused years worth of security flaws and API patches to fix a conceptually broken idea. I also propose a modest suggestion in order to help Linux step away from this mess to a more secure by-design future.
Symbolic links Considered Harmful
Abstract
Jeremy Allison
CIQ / Samba Team.
Related Sessions
File Systems
Fast, scalable parallel file system performance is a key enabler of massively parallel computing as well as of emerging big data and machine learning applications.
Yong Chen
Samsung Electronics
Favorites
File Systems
The HDFS protocol supports POSIX.1e style ACLs.
Subin Govind
Dell Technologies
Favorites
SNIA Developer Conference
September 16-18, 2024
SDC 2024 is brought to you by SNIA. SNIA is an industry association committed to its mission of worldwide leadership developing and promoting architectures, standards, education and vendor-neutral collaboration.
