rm etc. (was: Nasty Security Hole?)

[Brandon S. Allbery]

As quoted from <730 at quintus.UUCP> by ok at quintus.uucp (Richard A. O'Keefe):
+---------------
| In article <8956 at smoke.BRL.MIL> gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:
| >In article <480 at auspex.UUCP> guy at auspex.UUCP (Guy Harris) writes:
| >->A utility such as "rm" COULD perform extra checks based on the permissions
| >-So does the System V Release 3.1 one, and, if I remember correctly, so
| >-did the V7 and perhaps even the V6 one; one can hardly flame Berkeley
| >-for this one.
| >But I think it was Berkeley who decided to prompt with a completely
| >misleading question!  I've known others who disliked this.
| 
| Hmm.  Let's compare 4.2BSD and V.2 on a Sequent:
| 	% cp /dev/null zabbo
| 	% chmod 000 zabbo
| 	% att rm zabbo
| 	zabbo: 0 mode ? n
| 	% bsd rm zabbo
| 	rm: override protection 0 for zabbo? n
+---------------

If UUNET is any guide, V.2 on Sequents isn't.

	$ >foo
	$ chmod 0 foo
	$ rm foo
	rm: remove foo? n
	$ _

I've seen the above on quite a few systems of V.2, V.3, and Xenix 5.x
pursuasions.

++Brandon
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery at hal.cwru.edu
allberyb at skybridge.sdi.cwru.edu	      <ALSO>		   allbery at uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>.