System V letting random users chown

pdb at sei.cmu.edu.UUCP pdb at sei.cmu.edu.UUCP
Sun Mar 15 17:14:49 AEST 1987


Hmm...looks like my ignorance of the "offical" AT&T Unixes is showing.
But then again, I use real Unix, not System V :-).

Anyway, if System V clears the 6000 bits of the file protection, then
the set-uid glitch is a non-issue, but opens up a bunch of other problems.
I, for one, wouldn't want there to be any way for a non-root user to make
it look like I created some random file (like, for instance, writing a program
to do some anti-social thing like a mkdir/chdir loop, moving it into /usr/tmp,
and chowning it to me).  Is there any way to track the original creator of
a file?

For files that need to be accessed by groups of people, the BSD group list
concept really works much better (does Sys V have an analog to this?)

And speaking of "official" AT&T Unix, does anyone know if they ever plan
to make Eighth Edition Unix available outside of AT&T?

--Pat.



More information about the Comp.unix.questions mailing list