lenny@quincy.UUCP (Lenny Tropiano) (10/07/87)
I think I may have given some misinformation... here's a reply to keep you
all informed:

|From: talcott.harvard.edu!panda!jpn (John P. Nelson)
|Subject: Re: Security Problems (another episode)
|Newsgroups: comp.sys.att,comp.unix.wizards,att.sys.unixpc
|In-Reply-To: <58@quincy.UUCP>
|Organization: GenRad, Inc., Concord, Mass.
|
|>Here are some more things that irk me on the UNIX PC? Somebody went
|>s-bit crazy!
|>
|>/bin/mv - why this I do not know, it should be linked
|>          with /bin/cp, /bin/ln (they compare [cmp] to
|>          be the same although /bin/mv is unlinked and
|>          s-bit'd as root?
|>          (Link it with: ln /bin/cp /bin/mv)
|
|There is a good reason why "mv" should be set-uid root. Since System V
|does not provide a "rename" system call, moves are generally performed
|with "link", "unlink" pairs. This does not need root privilege, unless
|you want to be able to move DIRECTORIES: Only "root" is allowed to link
|or unlink to a directory.
|
|No doubt, since cp and ln did not need root privilege, the implementers
|decided to make a separate copy of the program for "mv", and make THAT
|set-uid.
|The REAL solution is for AT&T to add the "rename" system call.

-- 
Lenny Tropiano                  ...seismo!uunet!swlabs!godfre!quincy!lenny -or-
American LP Systems, Inc.       ...cmcl2!phri!gor!helm!quincy!lenny -or-
1777-18 Veterans Memorial Hwy.  ...mtune!quincy!lenny -or
Islandia, New York 11722        +1 516-582-5525 ...ihnp4!icus!quincy!lenny
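The link/unlink move described in the quoted reply, set beside a rename() call, as an added example that is not part of the original post or of any AT&T source. The function names, the scratch paths under /tmp and the result bits are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Move as the reply describes: make the new link, then drop the old name.
 * Returns 0 on success, or the errno of the call that failed. */
int move_by_link(const char *from, const char *to)
{
    if (link(from, to) != 0)
        return errno;        /* an unprivileged link() to a directory stops here */
    if (unlink(from) != 0) {
        int e = errno;
        unlink(to);          /* roll back so the file does not keep two names */
        return e;
    }
    return 0;
}

/* Move with rename(): one call, no privilege, works for directories too. */
int move_by_rename(const char *from, const char *to)
{
    return rename(from, to) == 0 ? 0 : errno;
}

/* Builds a scratch tree under /tmp (constructed sample data) and tries both
 * moves. Result bits: 1 = link/unlink moved a file, 2 = link/unlink refused
 * a directory, 4 = rename moved that directory. Returns -1 if setup failed. */
int demo(void)
{
    char base[64], a[80], b[80], d[80], e[80];
    int bits = 0;
    FILE *f;
    snprintf(base, sizeof base, "/tmp/mvdemo.%ld", (long)getpid());
    snprintf(a, sizeof a, "%s/file", base);
    snprintf(b, sizeof b, "%s/file2", base);
    snprintf(d, sizeof d, "%s/dir", base);
    snprintf(e, sizeof e, "%s/dir2", base);
    if (mkdir(base, 0700) != 0 || mkdir(d, 0700) != 0) return -1;
    if ((f = fopen(a, "w")) == NULL || fclose(f) != 0) return -1;
    if (move_by_link(a, b) == 0 && access(b, F_OK) == 0 && access(a, F_OK) != 0) bits |= 1;
    if (move_by_link(d, e) != 0 && access(d, F_OK) == 0) bits |= 2;
    if (move_by_rename(d, e) == 0 && access(e, F_OK) == 0) bits |= 4;
    unlink(b); rmdir(e); rmdir(d); rmdir(base);   /* clean up the scratch tree */
    return bits;
}

int main(void) { printf("result bits: %d\n", demo()); return 0; }
```

With rename() available, the directory case no longer needs a privileged process, which removes the reason the reply gives for a set-uid copy of mv.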