Determining User Access on a Linux Filesystem with „Classic Permissions“

Symbolic Links

A user can create symbolic links in a directory with write permissions; they can point to arbitrary locations in the directory tree.

If a symbolic link is accessed, it is de-referenced to the path it points to. If accessing the file or directory the symbolic link points to, the access restrictions of that file or directory apply.

To test this, create a symbolic link to the plain file „test“ outside of „component1“:

ln -s /tmp/component1/component2/test /tmp/test-symlink

An attempt to access the file via symbolic link as unprivileged user fails:

sudo -u user3 cat /tmp/test-symlink
cat: /tmp/test-symlink: Permission denied

If a symbolic link points to a resource that does not exist or can not be accessed by the current user, the symbolic link will be reported to that user as „broken“.