[net.unix-wizards] More on SETUID and linking looters

stuart (02/14/83)

From previous articles you know how to control access to 
a protected program using an impassable directory and 
a setuid program to get through that directory.
But, you say, a user can escape from the program and make a link?
This is the world of UNIX ---- You can still have the last word.

Remember, you don't have the source for the protected program.  
If you did, solutions would be trivial (cd).

Have the setuid program fork off another process.  
This process is responsible for neutralizing links to the
protected program:  
	Check for creation of links (do a stat(2) call of protected program).  
	Upon link detection, 
		copy program to new file, 
		REMOVE ALL PERMISSIONS on protected program
			(thus making it useless to the looter), 
		unlink or change name of protected program.  
		set appropriate permissions on new protected program.  
		rename the copy to original name

You may also want to consider action to make the perpetrator think twice next time.

  -- Stuart Hollander (ucbvax!decvax!genradbolton!stuart)
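
The detect-and-replace sequence from the post above, written out as an added C example (not code from either poster). The function names, the `.new` temporary name, the one-second poll and the 0711 mode are assumptions.

```c
/* Added example: polling link watcher that follows the post's steps. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hard-link count of path from stat(2), or -1 on error. */
long link_count(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_nlink : -1;
}

/* Copy src into a new file dst that stays mode 0 until the swap. */
static int copy_file(const char *src, const char *dst) {
    char buf[4096];
    ssize_t n = -1;
    int in = open(src, O_RDONLY);
    int out = open(dst, O_WRONLY | O_CREAT | O_EXCL, 0);
    if (in >= 0 && out >= 0)
        while ((n = read(in, buf, sizeof buf)) > 0)
            if (write(out, buf, (size_t)n) != n) { n = -1; break; }
    if (in >= 0) close(in);
    if (out >= 0 && close(out) != 0) n = -1;
    return n == 0 ? 0 : -1;
}

/* The post's sequence: copy, strip permissions, unlink, re-permit, rename.
 * chmod acts on the inode, so every extra link becomes mode 0 as well. */
int neutralize(const char *path, mode_t mode) {
    char tmp[4096];   /* "<path>.new" is a hypothetical temp name */
    if (snprintf(tmp, sizeof tmp, "%s.new", path) >= (int)sizeof tmp) return -1;
    if (copy_file(path, tmp) != 0) { unlink(tmp); return -1; }
    if (chmod(path, 0) != 0 || unlink(path) != 0) return -1;
    if (chmod(tmp, mode) != 0) return -1;
    return rename(tmp, path);
}

/* One poll: 1 = extra link found and neutralized, 0 = clean, -1 = error. */
int check_once(const char *path, mode_t mode) {
    long n = link_count(path);
    if (n < 0) return -1;
    if (n == 1) return 0;
    return neutralize(path, mode) == 0 ? 1 : -1;
}

int main(int argc, char **argv) {
    if (argc != 2) { fprintf(stderr, "usage: %s protected-program\n", argv[0]); return 2; }
    /* 0711 is an assumed mode; detection lags a new link by up to one interval. */
    while (check_once(argv[1], 0711) >= 0)
        sleep(1);
    return 1;
}
```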

dave (02/17/83)

If you have a separate process run off in the background to catch links,
what's to stop the user who has typed !sh from killing off that process
before he does his linking?

Dave Sherman
Toronto