- 1Introduction
- 2Classic Permissions
- 3Simultaneous User- and Group-Ownership
- 4Restricted Delegation
- 5Absolute Paths and Path Components
- 6Directory Write-Permissions
- 7Directory Execute-Permissions
- 8Symbolic Links
- 9Hard Links
- 10"Does User X have Access to File Y?"
- 11Observations and Caveats
- 12A Partial Test Procedure
Hard Links
A hard link to a file creates an alternative location of that file in the directory structure. Hard links can not be created for directories. Any plain file can be thought of as the first of potentially many hard links pointing to the same resource in the underlying filesystem.
All hard links to a file resource share common access permissions. However, access restrictions implied by the components of their paths can differ if the paths leading up to them are different.
To test this, create a hard link to the file „test“ that resides in the path „/tmp/component1/component2“ where component1 bars user „user3“ from access. Make sure that „test“ grants read access to others.
sudo chmod 750 /tmp/component1
sudo chmod 644 /tmp/component1/component2/test
sudo ln /tmp/component1/component2/test /tmp/test-hardlink
The attempt to access the hard link as an unprivileged user succeeds:
sudo -u user3 cat /tmp/test-hardlink
Next, revoke unprivileged access to „test“:
sudo chmod 640 /tmp/component1/component2/test
Now, the attempt to access the hard link will fail:
sudo -u user3 cat /tmp/test-hardlink