Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!aplcen!boingo.med.jhu.edu!haven!adm!news From: mail-support%cernvax.cern.ch@pucc.princeton.edu Newsgroups: comp.unix.internals Subject: Warning: Failed mail to VMS host Message-ID: <25273@adm.brl.mil> Date: 14 Dec 90 21:39:57 GMT Sender: news@adm.brl.mil Lines: 117 Your message to <@DxMINT.cern.ch:OLAVI%13411.decnet.CERN@CERNVAX.BITNET> could not be delivered. The error message was: Deferred: %MAIL-E-OPENOUT, error openning as output This message is equivalent to the DECnet-VAX error message: -SYSTEM-F-EXDISKQUOTA, disk quota exceeded The reason why your message could not be delivered is caused by the fact that your correspondants account has ran out of diskquota. Please contact your correspondant (by phone or otherwise) and tell him about this problem. ====== The start of Your original message ====== UNIX-WIZARDS Digest Fri, 14 Dec 1990 V11#061 Today's Topics: Re: non-superuser chown(2)s considered harmful Re: Multics bloat??? Are you sure??? Re: Shared memory (shm) - a safe way to pick ids? Has anyone hacked ftpd to keep a log of outgoing files? Re: Has anyone hacked ftpd to keep a log of outgoing files? What does sync() _really_ do? Re: PROCESS MIGRATION Re: Password and gecos Re: Complex security mechanism is unsecure Re: What do I do wrong? Re: fun things mapped into user space Programmatic interface to dynamic linker Re: How to get past end of cpio archive on tape Re: How do you find the symbolic links to files. Re: Unix files should have both real and effective ids for files too sdbm is available. Re: Jargon file v2.1.5 28 NOV 1990 -- part 5 of 6 Re: Interfaces for accessing kernel memory Re: Preventing date rollback Re: PROCESS MIGRATION IN UNIX Re: Looking for code ----------------------------------------------------------------- From: Leslie Mikesell Subject: Re: non-superuser chown(2)s considered harmful Keywords: chown, mail Date: 11 Dec 90 20:36:32 GMT To: unix-wizards@sem.brl.mil In article <1990Dec11.005644.20688@cbnewsk.att.com> hansen@pegasus.att.com (Tony L. Hansen) writes: >< Exactly. This is why several people have been arguing for chown() to >< work between current and effective uids. Does chown() have any other >< reasonable use? > >The mail(1) command uses chown(2) and set-gid to give a secure mail system. I >feel that other methods are fraught with potential security holes. > > Tony Hansen > att!pegasus!hansen, attmail!tony > hansen@pegasus.att.com Are you talking about the same SysV /bin/mail that I have (AT&T SysVr3) that uses the environment variable LOGNAME to decide who you are and allows you to forward your mail with the command: mail -F new_address If you are, try: MAIL=/usr/mail/you LOGNAME=you mail -F me (replace "you" with someone else on the system who happens to have an empty mailbox, and "me" with your login name) Then tell me if you would still describe the system as secure. Les Mikesell les@chinet.chi.il.us ----------------------------- From: Rik Harris Subject: Re: non-superuser chown(2)s considered harmful Date: 13 Dec 90 15:51:48 GMT To: unix-wizards@sem.brl.mil dag@fciva.FRANKLIN.COM (Daniel A. Graifer) writes: >In article <1990Dec11.101909.10851@kithrup.COM> sef@kithrup.COM (Sean Eric Fagan) writes: >> >>I prefer the control you get from a proper implementation of ACL's. See >>Elxsi's EMBOS for an example. (Normal ACL's, an extension of Unix's rwx >>philosophy, with users and groups; passwords for files [I forget whether >>different users could have different passwords; I think so], and the ability >>to specify that a file can only be accessed using a program from a given >>program list [*neat*; I couldn't think of a normal use for SUID programs >>under embos given that!].) [guardfile stuff deleted] >This is off the subject of unix internals, but Burroughs had a lot of the >elements in place for an 'object-oriented' file system clear back in the >early '70s. If we're going to talk about where we'd like unix to go, there >are previous successful experiances to guide us. Eeek! The reason I love unix so much is because it's simple. Start adding security `features' like this, and things start getting complex. ACL's are nice, but generally groups are sufficient (given a good group managment system, though). Rik. -- Rik Harris - edp367s@monu6.cc.monash.edu.au | Build a system that new address! rik@sola.fcit.monash.edu.au | even a fool can use, Faculty of Computing and Information Technology, | and only a fool will Monash University, Caulfield Campus, Australia | want to use it.