Determining User Access on a Linux Filesystem with „Classic Permissions“

Hard Links

A hard link to a file creates an alternative location of that file in the directory structure. Hard links can not be created for directories. Any plain file can be thought of as the first of potentially many hard links pointing to the same resource in the underlying filesystem.

All hard links to a file resource share common access permissions. However, access restrictions implied by the components of their paths can differ if the paths leading up to them are different.

To test this, create a hard link to the file „test“ that resides in the path „/tmp/component1/component2“ where component1 bars user „user3“ from access. Make sure that „test“ grants read access to others.

sudo chmod 750 /tmp/component1
sudo chmod 644 /tmp/component1/component2/test
sudo ln /tmp/component1/component2/test /tmp/test-hardlink

The attempt to access the hard link as an unprivileged user succeeds:

sudo -u user3 cat /tmp/test-hardlink

Next, revoke unprivileged access to „test“:

sudo chmod 640 /tmp/component1/component2/test

Now, the attempt to access the hard link will fail:

sudo -u user3 cat /tmp/test-hardlink