SUID directories -- security concern?
Jim Reid
jim at cs.strath.ac.uk
Tue Feb 27 01:05:39 AEST 1990
In article <4555 at hemuli.tik.vtt.fi> tml at hemuli.tik.vtt.fi (Tor Lillqvist) writes:
>The context-dependent files in HP-UX is IMHO a rather clever idea. A
>bit like Apollo's symbolic links containing environment variables.
That's your opinion. I strongly dislike both ideas though I can see why
people have invented these kludges. [Both ideas are quick and dirty
hacks that make a mess of the simple elegance of the UNIX filesystem.]
Context-dependent files (CDF) uses supposedly invisible directories.
They aren't. [It's also ugly that an extra character - '+' - is added to
a CDF name so one can "see" the context-dependent entries. What can you do
if you need a CDF filename that has to end with a '+'? It also adds an
unnecessary and unsightly complication to the kernel's namei() routine.]
On the more general point, I find it distasteful that a process can
manipulate its visible filename name space by altering environment
variables or contexts or whatever. When someone or something specifies a
pathname, the resulting file that is found should not be conditional on
the setting of external process-specific factors like an environment
variable. [i.e. If I ask someone to look at /foo/bar, the file they see
should be the one that I see. Neither of us should have to worry about the
value of the likes of an environment variable that will influence the way
that the kernel parses that pathname.]
>Is there any chance of other vendors taking up the idea?
I sincerely hope not.
Jim
More information about the Comp.unix.wizards
mailing list