> From: Alec Muffett
> until someone realised that you could do:
> ln -s /bin/scriptname ./-i
> "-i" # assuming that "." is already in your path
> ...and get a root shell.
I'm clearly not very awake this morning, because I don't understand how this
works. Can you break it down a little? Thanks!
Is it just me, or did someone actually implement set-uid scripts? I've
proposed some silly things over the decades (my favourite is stty()
working on things other than terminals, and guess what, we got ioctl()
etc) but I have a vague recollection of this...
The trouble is, I've worked with dozens of Unix-based vendors over the
years (some good, some not so much) and so I've lost track of all the
stupidity that I've seen.
ObAnecdote: Just about every Unix vendor went belly-up shortly after I
left them (under various circumstances), because the waste-of-space middle
managers simply did not appreciate the importance of having a Unix guru
on board if you're in the game of selling Unix boxen.
I'd happily name them, but I think the principals are still alive :-)
Read and write permission were common ideas--even part of
the Atlas paging hardware that was described before 1960.
The original concept of time-sharing was to give a virtual
computer to each user. When it became clear that sharing
was an equally important aspect, owner/other permissions
arose. I believe that was the case with Multics.
Owner/other permissions were in PDP-11 Unix from the start.
Group permissions arose from the ferment of daily talk in
the Unix lab. How might the usual protections be extended
to collaborative projects? Ken and Dennis deserve credit
for the final implementation. Yet clean as the idea of groups
was, it has been used only sporadically (in my experience).
Execute permission (much overloaded in Unix) also dates
back to the dawn of paging. One Unix innovation, due to
Dennis, was the suid bit--the only patented feature in
the Research system. It was instantly adopted for
maintaining the Moo (a game now sold under the name
"Master Mind") league standings table.
One trouble with full-blown ACLs as required by NSA's
Orange Book, is obscurity. It is hard (possibly NP-
complete) to analyze the actual security of an ACL
A common failing of Unix administration was a proliferation
of suid-root programs, e.g. mail(1). I recall one system
that had a hundred such programs. Sudo provided a way
station between suid and ACLs.
> From: Arthur Krewat
> there's the setuid bit on directories - otherwise known as the sticky
Minor nit; in V6 at least (not sure about later), the 'sticky' bit was a
separate bit from SUID and SGID. (When set on a pure/split object file, it
told the OS to retain the text image on the swap device even when no active
process was using it. Hence the name...)
Hi all, I'm chasing the Youtube video of the PDP-7 at Bell Labs where
people are using it to draw circuit schematics. This seems to show
the Graphics-2 module that, I believe, was built at the Labs. Can
someone e-mail the URL? I've done some grepping but I haven't found it yet.