Restricting Symbolic Links (UNIX/Linux)
You can limit the use of the file system links in your server. File system links are references to files stored in other directories or file systems. The reference makes the remote file as accessible as if it were in the current directory. There are two types of file system links:
-
Hard links—A hard link is really two filenames that point to the same set of data blocks; the original file and the link are identical. For this reason, hard links cannot be on different file systems.
-
Symbolic (soft) links—A symbolic link consists of two files, an original file that contains the data, and another that points to the original file. Symbolic links are more flexible than hard links. Symbolic links can be used across different file systems and can be linked to directories.
For more information about hard and symbolic links, see your UNIX/Linux system documentation.
File system links are an easy way to create pointers to documents outside of the primary document directory and anyone can create these links. People can thus create pointers to sensitive files such as confidential documents or system password files.
To restrict symbolic links, follow these steps:
To Restrict Symbolic Links
-
From the virtual server page, click the Content Handling tab.
-
Click the General sub tab.
-
Go to the Symbolic Links section under Miscellaneous.
-
Choose whether to enable soft and/or hard links and the directory to start from.
-
Click Save
Note –Using CLI
To restrict symbolic links through CLI, execute the following command.
wadm> set-symlinks-prop --user=admin --password-file=admin.pwd --host=serverhost --port=8989 --config=config1 --vs=config1_vs_1 allow-soft-links=true allow-hard-links=false directory=/abc
See CLI Reference, set-symlinks-prop(1).
- © 2010, Oracle Corporation and/or its affiliates