Hard Links between UNIX Utility Programs
Chris Torek
chris at mimsy.UUCP
Wed Jul 27 13:13:20 AEST 1988
It is not broken; please do not `fix' it. If the goal is to prevent
programs from running with arbitrary arguments (including argv[0]),
then do that (via the available protection mechanisms, such as
groups). For instance, if students should not be allowed remote
access to arbitrary hosts:
% ls -lg /usr/ucb/rsh /usr/ucb/rlogin
-rwsr-x--- 1 root ins 30720 Mar 15 11:31 /usr/ucb/rlogin
-rwsr-x--- 1 root ins 28672 Sep 2 1987 /usr/ucb/rsh
% ls -lg local_host
-rwxr-sr-x 1 bin ins <size> <date, time> local_host
% ls -l local_host remote_host
lrwxrwxrwx 1 bin 12 Jun 11 04:13 remote_host -> /usr/ucb/rsh
where `local_host' is a link to a program that makes sure the arguments
are to be allowed to students, then runs /usr/ucb/rsh, and where `ins'
is a group that excludes students.
--
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain: chris at mimsy.umd.edu Path: uunet!mimsy!chris
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list