4

I've read that the command (and perhaps the system call, too) for creating hard links will not let one create hard links for directories. I also understand that hard links can pose problems for path-based security like DAC, Linux Security Modules, and IMA/EVM. If hard links cannot be created to directories, then that takes care of security problems that might be posed with such. But, is it possible to create two or more hard links to a directory inode by editing a filesystem at the storage level?

Melab
  • 4,048

2 Answers2

7

Directories do have hard links... every time you mkdir a new directory then the .. entry is a link to the same inode as the parent directory.

eg

$ ls -lid .
23855134 drwxr-xr-x 2 sweh sweh 4096 Sep  8 21:57 .
$ mkdir foo
$ ls -lid . foo/..
23855134 drwxr-xr-x 3 sweh sweh 4096 Sep  8 21:57 .
23855134 drwxr-xr-x 3 sweh sweh 4096 Sep  8 21:57 foo/..

We can see the link count on the directory has gone up by 1 (from 2 to 3) and the inode of "." and "foo/.." are both 23855134. You notice it started with a link count of two; that's because "." and the entry in the parent directory also share inode number

$ ls -lid foo foo/.
23855343 drwxr-xr-x 2 sweh sweh 4096 Sep  8 21:57 foo
23855343 drwxr-xr-x 2 sweh sweh 4096 Sep  8 21:57 foo/.

Now if you were able to make another link via editing the filesystem you could easily end up with fsck complaining.

Don't do it :-)

6

Technically, you can do it, quite easily too: debugfs has a ln command which can create directory hard links. Doing this produces a working file system with multiple directories pointing at the same inode (beyond .. as in Stephen Harris' answer), although you need to handle the link count manually if you want that to appear properly.

As Stephen says, this will make e2fsck unhappy, and it will remove duplicate directory entries (you won't lose data though, it will leave one directory).

(I haven't tried anything really broken, directory loops in particular...)

Stephen Kitt
  • 434,908