Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!uwm.edu!cs.utexas.edu!mailrus!uflorida!winnie!pd1!bill
From: bill@pd1.ccd.harris.com (Bill Davis)
Newsgroups: comp.unix.wizards
Subject: Re: Is there an FSDB Manual?
Message-ID: <572@pd1.ccd.harris.com>
Date: 4 Oct 89 21:11:01 GMT
References: <1221@virtech.UUCP> <4960@cbnewsm.ATT.COM>
Reply-To: bill@pd1.ccd.harris.com (Bill Davis)
Distribution: comp
Organization: Harris Controls and Composition Div., Melbourne Fla.
Lines: 25

In article <4960@cbnewsm.ATT.COM> szirin@cbnewsm.ATT.COM writes:
>
>Of course, anyone that can figure out how to use fsdb can easily read your
>private file without ever touching the directory entry...

If this were true, it would be a nasty security hole.
Just by knowing fsdb, I could look anywhere in a file
system and read the contents of files.

This doesn't happen here.  Based on information
available here, I have reason to believe
it doesn't happen with the major variants of Unix.
Anyone care to tell me if I am wrong VIA EMAIL
to avoid spreading any "how to break a Unix system"
information too widely?  Or better yet, if you find
a version of Unix that lets someone other than
root run fsdb and get information out of it (or
worse yet, change it), perhaps you might want to tell
your system vendor about it.  You probably don't
want your system to remain that way.
-- 
* Truth comes as an enemy only to those who have lost the ability to welcome  *
* it as a friend. ** Be thankful for your troubles.  If your job did not have *
* problems, they could hire someone else to do your job at half the cost.     *
Bill Davis   EMAIL: w.davis@ccd.harris.com (<-best) uunet!hcx1!pd1!bill