Path: utzoo!attcan!uunet!bu.edu!xylogics!samsung!usc!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <1990Dec11.103057.11204@kithrup.COM>
Date: 11 Dec 90 10:30:57 GMT
References: <18792@rpp386.cactus.org> <1990Dec8.184047.22221@mp.cs.niu.edu> <2789@cirrusl.UUCP>
Organization: Kithrup Enterprises, Ltd.
Lines: 31

In article <2789@cirrusl.UUCP> dhesi%cirrusl@oliveb.ATC.olivetti.com (Rahul Dhesi) writes:
>However, consider a UNIX system with 1,000 or more users.  

You mean like Amdahls?  Running UTS?  A SysV derivative?

>In the absence of reasonable resource quotas, the administrator would have
>time to do little else but track down culprits involved in deliberate
>or accidental denial-of-service incidents.  

Hmm.  Most of the Amdahl administrators I've communicated with seemed to
indicate that they had enough spare time to chat away in email.  Seems as if
they didn't have all of their time taken up with tracking down culprits.

>Hence the greater restrictions such as a restricted chown, 

Why not restrict mkdir and cd, as well, to prevent the infamous

	while :
	do
		mkdir foo
		cd foo
	done

?  And, while we're at it, why not restrict read, and write, and open, and
close, and sync, and lseek, and getpid, and getuid, and geteuid, and...

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.