Nasty Security Hole?

Root Boy Jim rbj at nav.icst.nbs.gov
Wed Nov 23 03:19:41 AEST 1988


? From: Doug Gwyn  <gwyn at smoke.brl.mil>

? In article <2470 at aplcomm.jhuapl.edu> trn%warper.jhuapl.edu at aplvax.jhuapl.edu (Tony Nardo) writes:
? >A pity the implementers of UNIX didn't borrow one the idea of having a
? >separate "delete" bit.  It's one of a number of DEC features I miss.

? What in the world would it MEAN?  It is the DIRECTORY that is modified
? by an unlink, not the inode.  Would a "delete" bit then mean that no
? links to the inode could be removed?  Think about the consequences for
? a bit.  It would be horrible!

I'm not so sure. VMS has just that, and seems to work OK (did I actually
say that?). It also has a set of system bits that apply only to the
system account. How nice it would be to be able to be able as root to
chmod a file to some mode and then not be able to delete it before
chmod'ing it back to something else.

I have often felt that UNIX cramming mode and type bits together was
somewhat limiting. Perhaps 16 bits for the mode a la VMS is a bit much,
and the semantics would have to be rethought (yes, it is the directory
that is modified, but the rm command attempts to give the file something
to say about it, and the kernel could do the same), but think of all
the FEECHURS we could add to the kernel!!! :-)

	(Root Boy) Jim Cottrell	(301) 975-5688
	<rbj at nav.icst.nbs.gov> or <rbj at icst-cmr.arpa>
	Crackers and Worms -- Breakfast of Champions!



More information about the Comp.unix.wizards mailing list