SUID directories -- security concern?
Tom Christiansen
tchrist at convex.COM
Tue Feb 27 03:26:09 AEST 1990
In article <4555 at hemuli.tik.vtt.fi> tml at hemuli.tik.vtt.fi (Tor Lillqvist) writes:
>The context-dependent files in HP-UX is IMHO a rather clever idea. A
>bit like Apollo's symbolic links containing environment variables. Is
>there any chance of other vendors taking up the idea?
In ConvexOS, you have conditional symbolic links that work this way:
you've a one-byte field in your user entry called u_warp which is the
current "universe". When evaluating the symbolic links, the kernel takes
into consideration your current u_warp value, and uses this as an index
into the "|"-delimited contents of the links. There are system calls to
set and get your current warp. If an /etc/warps exists, it defines the
mapping between string and numeric universes for use by library routines.
Watch:
% cat /etc/warps
#
# warp logical name to physical value translation file.
#
# entries are of the form:
# value name optional_aliases
0 release default base zero # installed system
1 patch fixes # patched system
2 new # up-coming release
% warp
release
% warp patch
%
Watch:
% mv /bin/ld /usr/old/
% ln -s "/usr/old/ld|/usr/new/ld" /bin/ld
% ll /bin/ld
lrwxrwxrwx 1 tchrist 23 Feb 26 10:15 /bin/ld -> /usr/old/ld|/usr/new/ld
If you're in universe 0, you get /usr/old/ld, universe 1 you get
/usr/new/ld, and anything else (like universe 2) you get universe
0, which is /usr/old/ld.
This is utterly undocumented, unsupported, and subject to change without
notice. We merely use it internally for more flexible build environments,
for which it's a nice solution. If you think regular symbolic links
introduce another order of complexity into the file system that have the
potential for massive confusion, just consider what these do.
--tom
--
Tom Christiansen {uunet,uiucdcs,sun}!convex!tchrist
Convex Computer Corporation tchrist at convex.COM
"EMACS belongs in <sys/errno.h>: Editor too big!"
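The resolution rule described in the post (the kernel uses the process's u_warp value as an index into the "|"-delimited link contents, falling back to entry 0 when the index is out of range, with /etc/warps mapping names and aliases to numbers) can be modelled in a few lines. The following is an added illustration written for this archive page, not ConvexOS code; the function names, the fallback-to-zero rule applied to every out-of-range value, and the /etc/warps parsing (whole-line and trailing "#" comments, every extra word on a line being an alias) are assumptions drawn from the post's own description and sample file. The all_targets helper is the part an auditor would want: it lists what every defined universe sees for one link, which makes the confusion the author warns about concrete, since a path check done in one universe says nothing about what a process in another universe will open.

```python
"""Model of ConvexOS-style conditional symbolic links (added illustration,
not ConvexOS code).  Assumed rules, taken from the post: the link target is a
"|"-delimited list indexed by the process's u_warp value, out-of-range values
fall back to entry 0, and /etc/warps maps universe names and aliases to numbers."""
from typing import Dict, List

# Constructed /etc/warps content, modelled on the sample shown in the post.
SAMPLE_WARPS = """\
#
# warp logical name to physical value translation file.
#
# entries are of the form:
# value name optional_aliases
0 release default base zero # installed system
1 patch fixes # patched system
2 new # up-coming release
"""


def parse_warps(text: str) -> Dict[str, int]:
    """Map every universe name and alias to its numeric value.
    '#' starts a comment (whole line or trailing); blank lines are skipped."""
    names: Dict[str, int] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        value = int(fields[0])
        for name in fields[1:]:          # first word is the number, the rest are names
            names[name] = value
    return names


def split_targets(link_contents: str) -> List[str]:
    """A conditional link stores its alternatives separated by '|'.
    An ordinary link has no '|' and yields a single alternative."""
    return link_contents.split("|")


def resolve(link_contents: str, warp: int) -> str:
    """Pick the alternative for the current warp.  Anything out of range
    (negative or past the last alternative) falls back to entry 0, which is
    what the post describes for universe 2 and a two-entry link."""
    targets = split_targets(link_contents)
    if 0 <= warp < len(targets):
        return targets[warp]
    return targets[0]


def resolve_by_name(link_contents: str, universe: str, warps: Dict[str, int]) -> str:
    """Resolve using a universe name or alias from /etc/warps."""
    return resolve(link_contents, warps[universe])


def all_targets(link_contents: str, warps: Dict[str, int]) -> Dict[str, str]:
    """Auditor's view: the target every defined universe (and alias) would
    see for one link.  Two processes can open different files via one path."""
    return {name: resolve(link_contents, value) for name, value in sorted(warps.items())}


if __name__ == "__main__":
    warps = parse_warps(SAMPLE_WARPS)
    link = "/usr/old/ld|/usr/new/ld"      # the link from the post
    for name in ("release", "patch", "new"):
        print(f"{name:8} -> {resolve_by_name(link, name, warps)}")
    print(all_targets(link, warps))
```

Running the block reproduces the three cases in the post: "release" (0) and "new" (2) both yield /usr/old/ld, "patch" (1) yields /usr/new/ld.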