System V letting random users chown
pdb at sei.cmu.edu.UUCP
pdb at sei.cmu.edu.UUCP
Sun Mar 15 17:14:49 AEST 1987
Hmm...looks like my ignorance of the "offical" AT&T Unixes is showing.
But then again, I use real Unix, not System V :-).
Anyway, if System V clears the 6000 bits of the file protection, then
the set-uid glitch is a non-issue, but opens up a bunch of other problems.
I, for one, wouldn't want there to be any way for a non-root user to make
it look like I created some random file (like, for instance, writing a program
to do some anti-social thing like a mkdir/chdir loop, moving it into /usr/tmp,
and chowning it to me). Is there any way to track the original creator of
a file?
For files that need to be accessed by groups of people, the BSD group list
concept really works much better (does Sys V have an analog to this?)
And speaking of "official" AT&T Unix, does anyone know if they ever plan
to make Eighth Edition Unix available outside of AT&T?
--Pat.
More information about the Comp.unix.wizards
mailing list