[comp.os.minix] MINIX 1.2 rm-command

usenet@cps3xx.UUCP (Usenet file owner) (02/15/89)

MINIX 1.2 (640K-PC) is being used to teach the OS course. It was
observed that the 'rm' command is willing to remove any file in the
system by switching over to interactive mode, when one is logged in as
ast (not root or su).

	$ rm /etc/passwd
	rm: remove /etc/passwd (mode = 644) ?

This was fixed by patching the file commands/rm.c and installing the
recompiled rm in /bin. The cdiff is given below.

-- ishwar rattan (rattan@frith.egr.msu.edu)
-------------------------------------------------------------
*** rm.c.old ***
--- rm.c ---
*** 105-112 ***
else {
   if (access(name, 2) && !fflag) {

--- 105-113 ---
else {
   if (access(name, 2) && !fflag) {
      stderr3("rm: ", name, " not removed\n");
      /* stderr3("rm: remove", name, " ( mode = ");
       * octal(s.st_mode & 0777);
       * std_err(") ? ");
       * if ( !confirm()) */
       return;
     }
---------------------------------------------------------------
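Review bot: in the new `if (access(name, 2) && !fflag)` branch the `return` is only reached when -f is not given, so `rm -f` on the same file skips this check and continues with whatever follows the block. If the intent is that rm never removes a file the caller cannot write, the test should not depend on `fflag`. The change also drops the confirmation prompt for every non-writable file, including the caller's own read-only files, and leaves the old prompt behind as a commented-out block that would be better deleted. A guard inside rm does not stop any other program from calling unlink() on the same path, so the permission check in the unlink() path itself still needs to be verified.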

pa1343@sdcc15.ucsd.edu (pa1343) (02/18/89)

In article <1838@cps3xx.UUCP> rattan@frith.egr.msu.edu () writes:
>
>MINIX 1.2 (640K-PC) is being used to teach the OS course. It was
>observed that the 'rm' command is willing to remove any file in the
>system by switching over to interactive mode, when one is logged in as
>ast (not root or su).
>
>	$ rm /etc/passwd
>	rm: remove /etc/passwd (mode = 644) ?
Is rm setuid to root on your system?  If not then we have a BIG problem
because the unlink() system call is supposed to check for permissions.
rm should not be able to unlink a file not owned by the user.  That
decision is made by unlink().  Rm should also not be SUID root because
that will give it permissions to unlink any file.  Perhaps I ought to bring up 
my 1.3 version and see if this exists on the new version.  I will post any
strange results.

Oh, by the way, if a file is in a directory which is writable by you then
you can delete ANY regular file in that directory, regardless of its owner
or permissions.  This exists also on commercial UNIX. (sV, BSD)


-- 
+-----------------------------------------+
| John J. Marco -- pa1343@sdcc15.ucsd.edu | 
| ...!uunet!sdcc15.ucsd.edu!pa1343	  |  
+-----------------------------------------+
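The directory-permission point made in the post above, as an added example that is not part of the original thread: it compares what access() reports about a read-only file with what unlink() actually does, once in a writable directory and once in a non-writable one. It assumes a POSIX system and a non-root user; the scratch paths under /tmp and the function name try_unlink are constructed for the demo.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct result {
    int file_writable;  /* 1 if access(file, W_OK) succeeds */
    int unlink_errno;   /* 0 if unlink() succeeded, else its errno */
};

/* Make a scratch directory holding one mode-0444 file, set the directory
 * to dir_mode, then record what access() says about the file and what
 * unlink() actually does. Paths are constructed for this demo. */
struct result try_unlink(mode_t dir_mode)
{
    struct result r = { 0, 0 };
    char dir[] = "/tmp/rmdemoXXXXXX";
    char file[64];
    int fd;

    if (mkdtemp(dir) == NULL) { r.unlink_errno = errno; return r; }
    snprintf(file, sizeof file, "%s/readonly", dir);
    fd = open(file, O_CREAT | O_WRONLY, 0444);
    if (fd < 0) { r.unlink_errno = errno; rmdir(dir); return r; }
    close(fd);
    chmod(file, 0444);
    chmod(dir, dir_mode);

    r.file_writable = (access(file, W_OK) == 0);  /* the check rm.c makes */
    if (unlink(file) != 0)                        /* the kernel's decision */
        r.unlink_errno = errno;

    chmod(dir, 0700);   /* restore so cleanup works in both cases */
    unlink(file);
    rmdir(dir);
    return r;
}

int main(void)
{
    struct result a = try_unlink(0700), b = try_unlink(0500);
    printf("dir 0700: file writable=%d, unlink: %s\n", a.file_writable,
           a.unlink_errno ? strerror(a.unlink_errno) : "ok");
    printf("dir 0500: file writable=%d, unlink: %s\n", b.file_writable,
           b.unlink_errno ? strerror(b.unlink_errno) : "ok");
    return 0;
}
```

Run as root, both cases report the file as writable and both unlinks succeed, which is why the comparison is only meaningful for an ordinary user.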

usenet@cps3xx.UUCP (Usenet file owner) (02/22/89)

  >> In article <1838@cps3xx.UUCP> rattan@frith.egr.msu.edu writes:
  >> MINIX 1.2 (640K-PC) is being used to teach the OS course. It was
  >> observed that 'rm' command is willing to remove any file ...
  >
  > In article <1131@sdcc15.ucsd.edu> pa1343@sdcc15.ucsd.edu writes:
  > Is rm setuid to root on your system? ...

No. It is not setuid to root in the original distribution also. The
directories involved didn't have write permission.

-- ishwar rattan (rattan@frith.egr.msu.edu)