Nasty Security Hole?
Barry Margolin
barmar at think.COM
Mon Nov 28 16:09:58 AEST 1988
In article <6527 at june.cs.washington.edu> ka at june.cs.washington.edu (Kenneth Almquist) writes:
>grs at alobar.ATT.COM (Gregg Siegfried) writes:
>> By setting the sticky bit (chmod 1xxx
>> file) on a directory, users are prevented from removing any files from that
>> directory except those that they own, even if the directory permissions are
>> 777.
>I'm not sure what problem this "feature" is supposed to solve, anyway.
[He presumes it is for /tmp, and suggests each user have his own
temp-dir.]
No, I think it was invented specifically for /usr/spool/mail.
Everyone must be able to remove or rename his incoming mail file.
Giving each user his own subdirectory of /usr/spool/mail might be a
possibility, but it would be an incompatible change that would affect
many mail-reading/sending facilities that know about /usr/spool/mail.
Barry Margolin
Thinking Machines Corp.
barmar at think.com
{uunet,harvard}!think!barmar
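
The sticky-bit rule discussed in this message, as an added example that is not part of the original post: a Python sketch that models who may remove a file from a mode 777 or 1777 directory and audits a tree for world-writable directories lacking the bit. The function names, uids and sample tree are constructed for illustration, and the directory-owner and root exceptions are assumed from POSIX.

```python
import os
import stat
import tempfile


def may_remove(dir_mode, dir_uid, file_uid, uid):
    """Model of the removal rule for a caller who already has write and
    search permission on the directory.

    Assumption: the directory-owner and root exceptions follow POSIX;
    the 1988 systems discussed in the thread may have differed.
    """
    if uid == 0:
        return True
    if not dir_mode & stat.S_ISVTX:
        return True  # plain 777: anyone may remove anyone's file
    return uid in (file_uid, dir_uid)


def unprotected_dirs(root):
    """Return world-writable directories under root with no sticky bit."""
    hits = []
    for path, _dirs, _files in os.walk(root):  # does not follow symlinks
        mode = os.lstat(path).st_mode
        if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
            hits.append(path)
    return sorted(hits)


def build_sample():
    """Constructed tree: spool (1777), shared (777), private (755)."""
    root = tempfile.mkdtemp()
    for name, mode in (("spool", 0o1777), ("shared", 0o777), ("private", 0o755)):
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)  # chmod after mkdir so the umask cannot mask bits
    return root


if __name__ == "__main__":
    sample = build_sample()
    print("needs chmod +t:", unprotected_dirs(sample))
    # uid 1002 removing a file owned by uid 1001; directory owned by root
    print("sticky 1777:", may_remove(0o1777, 0, 1001, 1002))
    print("plain 777:", may_remove(0o777, 0, 1001, 1002))
```
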