mkdir(2) on System V

guy at sun.UUCP
Tue Apr 29 04:13:36 AEST 1986


> mkdir(2) was a security problem (think about it).

What the hell are you talking about?  Do you know what the "mkdir" system
call actually does?  Are you aware that it makes a directory *with the "."
and ".." entries included*?  It has the same semantics as calling the
"mkdir" command (although, unlike the "mkdir" command, it allows a set-UID
program to make directories using its effective UID).

Furthermore, I'm not sure what this "*was* a security problem" stuff is.
This, and the line from the previous article

> > UNIX system V users may have remarked there is no "mkdir(2)" system call.
> > It is replaced by "mknod(2)", but must be executed only by super-user.

indicate that people think "mkdir" was in some older version of UNIX, but
removed from System V.  This is totally incorrect.  The "mkdir" system call
appeared in 4.2BSD.   It was not in V7, and wasn't added in S3 or S5.  It
*is*, however, in the IEEE P1003 Portable Operating System Environment's
standard, and as such may well appear in future System V releases.

> If you are porting programs that use it to System V, you should #define
> it to the equivalent system("mkdir ...") sequence.

There is no 100% equivalent "mkdir ..." sequence; as I mentioned above,
since "mkdir" is itself a set-UID program, a set-UID program which uses
"mkdir" to create a directory can only do so with the privileges of its
*real* UID, not its *effective* UID.  Also note that the "mkdir" system call
takes a "mode" argument, just like "creat", so if you're not doing
"mkdir(<path>, 0777)" you'll have to do a "chmod" after making the directory
(remember to include the "umask" with whatever mode you change it to, and if
you want to be *strictly* equivalent, don't do the "chmod" if the directory
already exists!).

As for the question

> > Why is it necessary to be super-user for creating one's own directory?

the answer is that, while the "mkdir" system call creates a complete new
directory, with "." and ".." entries, the "mknod" system call merely creates
the directory inode and directory entry pointing to it.  As such, you could
create a directory with no "." or ".." entries, which could cause some
confusion and may make "fsck" very unhappy.  (Also, "mknod" can create other
things, such as, for example, a special file which refers to the disk
partition on which the root file system resides; this, obviously, should be
restricted to the super-user.  If "mknod" made complete directories, it
could permit non-super-users to make only inodes of type FIFO and directory.)
-- 
	Guy Harris
	{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
	guy at sun.arpa
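
The porting recipe described in the message above (run the "mkdir" command, then apply the requested mode with the umask folded in, and leave an already-existing directory alone), as an added C example that is not part of the original post. The name `compat_mkdir` and the `/bin/mkdir` location are assumptions; the command is run with fork/exec rather than system() so the path is never parsed by a shell.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MKDIR_CMD "/bin/mkdir"   /* assumption: location of the mkdir command */

/* Hypothetical stand-in for mkdir(path, mode) on a system without the call. */
int compat_mkdir(const char *path, mode_t mode)
{
    struct stat st;
    mode_t mask;
    pid_t pid;
    int status, fd, rc;

    if (lstat(path, &st) == 0) {      /* name already exists: fail and    */
        errno = EEXIST;               /* never chmod what we did not make */
        return -1;
    }
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        umask(077);                   /* no wide-open window before the chmod */
        /* exec directly: the path is one argv entry, no shell parses it */
        execl(MKDIR_CMD, "mkdir", "--", path, (char *)NULL);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
        errno = EIO;                  /* the command does not report why */
        return -1;
    }
    mask = umask(0);                  /* read the caller's umask ...     */
    umask(mask);                      /* ... and put it straight back    */
    /* O_NOFOLLOW: refuse a symlink swapped in after the command ran */
    fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    rc = fchmod(fd, mode & 0777 & ~mask);
    close(fd);
    return rc;
}
```

As the message points out, where the "mkdir" command is itself set-UID the directory is still created with the privileges of the caller's real UID; this wrapper does not change that.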


