leo@philmds.UUCP (Leo de Wit) (07/05/88)
The open system call allows setting the sticky bit to non-root users,
for example
close(open(filename,O_WRONLY|O_CREAT|O_TRUNC,512));
creates a file with sticky bit set. But, according to sticky(8):
Only the super-user can set the sticky bit.
B.T.W. the chmod(1) command does (correctly) not allow setting the
sticky bit for non-root users.
Leo.haugj@pigs.UUCP (Joe Bob Willie) (07/07/88)
In article <552@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes: >The open system call allows setting the sticky bit to non-root users, >for example [ using Ultrix ] > > close(open(filename,O_WRONLY|O_CREAT|O_TRUNC,512)); > >creates a file with sticky bit set. But, according to sticky(8): > > Only the super-user can set the sticky bit. just finished trying it here and the results are: Script started on Wed Jul 6 17:18:14 1988 1 - pigs-> cat bug.c #include <fcntl.h> main () { close (open ("bug.test", O_WRONLY|O_CREAT|O_TRUNC, 01000)); perror ("bug.test"); } 2 - pigs-> cc -o bug bug.c C-68000 1.8.0 Copyright (c)1985,1986 Green Hills Software, Inc. 3 - pigs-> bug bug.test: Error 0 4 - pigs-> ls -l bug.test ---------- 1 haugj sys 0 Jul 6 17:18 bug.test 5 - pigs-> script done on Wed Jul 6 17:19:02 1988 nope, no bug here. must be an ultrix value added feature ;-) - john. -- John "Evil USENET User" F. Haugh II HECI Exploration Co, Inc., Dallas UUCP: ...!killer!rpp386!jfh jfh@rpp386.UUCP :DOMAIN **** Trivia question of the day: VYARZERZIMANIMORORSEZASSEZANSERAREORSES? **** "You are in a twisty little maze of UUCP connections, all alike" -- fortune
vixie@palo-alto.DEC.COM (Paul Vixie) (07/08/88)
In article <241@pigs.UUCP> haugj@pigs.UUCP (Joe Bob Willie) writes: # In article <552@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes: # >The open system call allows setting the sticky bit to non-root users, # >for example [ using Ultrix ] # > # > close(open(filename,O_WRONLY|O_CREAT|O_TRUNC,512)); # > # >creates a file with sticky bit set. But, according to sticky(8): # > # > Only the super-user can set the sticky bit. # # just finished trying it here and the results are: # [...] # ---------- 1 haugj sys 0 Jul 6 17:18 bug.test # nope, no bug here. must be an ultrix value added feature ;-) I got this on an Ultrix 2.X machine: ---------t 1 vixie 0 Jul 7 23:38 bug.test I don't have a 4.2 system handy, but on Ultrix 1.2: ---------- 1 vixie 0 Jul 7 23:49 bug.test On 4.3BSD (+ all comp.bugs.4bsd.ucb-fixes): ---------- 1 vix 0 Jul 7 23:47 bug.test Note: I am not part of the Ultrix group. If I get time I'll see if I can notice this problem and bring it to the attention of someone (who, I do not know) who might be interested in it. No guarantees. DEC is definitely not aware that I am posting this. -- Paul Vixie Digital Equipment Corporation Work: vixie@dec.com Play: paul@vixie.UUCP Western Research Laboratory uunet!decwrl!vixie uunet!vixie!paul Palo Alto, California, USA +1 415 853 6600 +1 415 864 7013
robert@computing-maths.cardiff.ac.uk (Robert Evans) (07/14/88)
In article <3341@palo-alto.DEC.COM> vixie@palo-alto.DEC.COM (Paul Vixie) writes: >In article <241@pigs.UUCP> haugj@pigs.UUCP (Joe Bob Willie) writes: ># In article <552@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes: ># >The open system call allows setting the sticky bit to non-root users, ># >for example [ using Ultrix ] The same feature can be observed on a Sun (3/160) running SunOS 3.5: Script started on Thu Jul 14 13:51:31 1988 geometry% cat bug.c #include <fcntl.h> main () { close (open ("bug.test", O_WRONLY|O_CREAT|O_TRUNC, 01000)); perror ("bug.test"); } geometry% cc -o bug bug.c geometry% bug bug.test: Error 0 geometry% ls -l bug.test ---------t 1 robert 0 Jul 14 13:52 bug.test geometry% script done on Thu Jul 14 13:52:13 1988 -- -- Robert Evans, Dept of Computing Maths, University College Cardiff, PO Box 78, Cardiff, Wales, UK, CF1 1XL. Tel: +44 (0)222 874000 x 5518 E-mail: R.Evans@computing-maths.cardiff.ac.uk UUCP: R.Evans@cf-cm.UUCP
zap@nada.kth.se (Svante Lindahl) (07/24/88)
[ Bug: anybody can create file with sticky-bit. Leo de Wit found the bug under Ultrix 2.0. Joe Bob Willie reports no bug on Plexus. Paul Vixie finds bug on Ultrix 2.x, but it is not present on the Ultrix 1.2 and 4.3BSD systems he tested. Robert Evans says that SunOS 3.5 has it. ] I tested the following systems: Pyramid OSx 4.0: Bug present Sequent Dynix 3.0.4: Bug present VAX 4.3BSD: Bug not present VAX 4.3BSD+NFS (MtXinu): Bug present Sun SunOS 3.4.2 Bug present All the systems were the bug has been found have NFS. None of the systems that don't have the bug have NFS. Draw your own conclusions from that. Svante Lindahl zap@nada.kth.se zap@sestak.bitnet
terryl@tekcrl.CRL.TEK.COM (07/26/88)
In article <472@draken.nada.kth.se> zap@nada.kth.se (Svante Lindahl) writes: >[ Bug: anybody can create file with sticky-bit. > Leo de Wit found the bug under Ultrix 2.0. > Joe Bob Willie reports no bug on Plexus. > Paul Vixie finds bug on Ultrix 2.x, but it is not present on > the Ultrix 1.2 and 4.3BSD systems he tested. > Robert Evans says that SunOS 3.5 has it. ] > >I tested the following systems: >Pyramid OSx 4.0: Bug present >Sequent Dynix 3.0.4: Bug present >VAX 4.3BSD: Bug not present >VAX 4.3BSD+NFS (MtXinu): Bug present >Sun SunOS 3.4.2 Bug present > >All the systems were the bug has been found have NFS. None of the >systems that don't have the bug have NFS. Draw your own conclusions >from that. Perusing kernel sources, one can find (for 4.2/4.3 generic-type systems) the following code fragment(when creating a file for the FIRST time): .... = ....(arg&07777&(~ISVTX)); where .... is something to keep the ATT lawyers (and Berkeley's!!! (-:) off my back; ISVTX is the "sticky bit". So one can see that under generic 4.3 systems, no one (not even root) can create a file with the "sticky bit" set. Looking at kernel sources for an NFS machine, I found a similar code fragment, but without the corresponding ISVTX (actually, I found it with the fragment in, but the log specifically said it was a fix; earlier versions did NOT have the corresponding ISVTX fragment). So, from this information, I think it is safe to assume that it is a bug peculiar to NFS, and not 4.2/4.3 generic-type systems (which is strange, because the NFS code is VERY close to the generic 4.2/4.3 code; sounds like someone fat-fingered it....).