Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!emory!gatech!psuvax1!rutgers!cmcl2!uupsi!uhasun!mgallagh
From: mgallagh@uhasun.hartford.edu (Michael Gallagher)
Newsgroups: comp.os.minix
Subject: Security hole ?!
Keywords: Program: rm"
Message-ID: <553@ultrix.uhasun.hartford.edu>
Date: 9 Apr 91 03:25:34 GMT
Sender: news@uhasun.hartford.edu
Organization: The University of Hartford
Lines: 20

While doing some more testing/looking-about of Minix [1.5], came across what I would tend to certainly call a potential security problem in Minix:

Using two accts that were not priv'd, I found that while files created by one could not be read, etc with by the other if protections were not set for world or group [umask = 77], they COULD be rm'd. In fact, you are prompted as to whether you wish to actually remove this file DESPITE that its protection code is 700 [no world or group access].

This would seem to me to be a potential problem. i.e., files that must stay world-readable, such as passwd could be erased....

Anyone know why this would be the case?? I suppose one could just patch rm & re-compile it, but I'm surprised that it is set as such.

-mg
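An added example, not part of the original post and not Minix source: a small C model of the standard POSIX rule that removing a name is authorized by the containing directory's write and search bits, while the file's own mode only decides whether a traditional rm asks for confirmation. The struct and function names, the uid/gid values and the three directory modes are constructed for illustration, and the model assumes POSIX semantics rather than anything verified against Minix 1.5.

```c
#include <stdio.h>

#define STICKY 01000u   /* directory sticky bit, where the system implements it */

struct who  { unsigned uid, gid; };        /* caller (constructed model) */
struct node { unsigned mode, uid, gid; };  /* file or directory inode fields */

/* Classic owner/group/other selection: exactly one permission triplet applies.
   Supplementary groups are ignored in this model. */
static int perm_ok(const struct node *n, const struct who *w, unsigned want)
{
    if (w->uid == 0) return 1;                           /* superuser */
    if (w->uid == n->uid) return ((n->mode >> 6) & want) == want;
    if (w->gid == n->gid) return ((n->mode >> 3) & want) == want;
    return (n->mode & want) == want;
}

/* Removing a name needs write (02) + search (01) on the DIRECTORY.
   The file's own mode is never consulted. */
int may_unlink(const struct node *dir, const struct node *file,
               const struct who *w)
{
    if (!perm_ok(dir, w, 03)) return 0;
    if ((dir->mode & STICKY) && w->uid != 0 &&
        w->uid != file->uid && w->uid != dir->uid)
        return 0;                    /* sticky: only file or dir owner */
    return 1;
}

/* Traditional rm asks for confirmation when the caller cannot write the file. */
int rm_would_prompt(const struct node *file, const struct who *w)
{
    return !perm_ok(file, w, 02);
}

int main(void)
{
    struct who  other  = { 101, 100 };          /* second unprivileged account */
    struct node secret = { 0700, 100, 100 };    /* the mode-700 file */
    struct node dirs[] = { { 0777, 0, 0 }, { 01777, 0, 0 }, { 0755, 0, 0 } };
    for (int i = 0; i < 3; i++)
        printf("dir %04o: prompt=%d unlink=%d\n", dirs[i].mode,
               rm_would_prompt(&secret, &other),
               may_unlink(&dirs[i], &secret, &other));
    return 0;
}
```

Under this model the mode-700 file is removable only from the 0777 directory; a root-owned 0755 directory, or a sticky 1777 one, refuses the same unlink.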