Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!elroy.jpl.nasa.gov!usc!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!mcsun!hp4nl!philapd!apdnm!baukje.idca.tds.philips.nl!groot
From: groot@idca.tds.philips.nl (Henk de Groot)
Newsgroups: comp.os.minix
Subject: Re: Security hole ?!
Keywords: Program: rm
Message-ID:
Date: 9 Apr 91 13:23:50 GMT
References: <553@ultrix.uhasun.hartford.edu>
Sender: news@idca.tds.philips.nl
Reply-To: groot@idca.tds.philips.nl (Henk de Groot)
Lines: 53
Disclaimer: This opinion is mine alone

In <553@ultrix.uhasun.hartford.edu> mgallagh@uhasun.hartford.edu (Michael Gallagher) writes:

> While doing some more testing/looking-about of Minix [1.5], I came across
> what I would tend to certainly call a potential security problem in
> Minix:
>
> Using two accts that were not priv'd, I found that while files created
> by one could not be read, etc. by the other if protections were not set
> for world or group [umask = 77], they COULD be rm'd. In fact, you are
> prompted as to whether you wish to actually remove this file DESPITE that
> its protection code is 700 [no world or group access].

It's the same in UNIX. Removing the file has to do with the privileges
of the directory. Try this:

    create a directory as an ordinary user.
    go into that directory.
    become superuser.
    make a file x by typing "> x"
    chmod 000 x   --- now nobody should be able to read/write/execute the file
    become the normal user again
    remove with "rm x"

The system responds (at least mine) with:

    x: 0 mode ?

Answer "y" and the file is removed, even though it's not yours and you
don't have any access to it! This is how it works with AT&T unix.

Now the other way around:

    become superuser
    make a directory (say x)
    chmod 755 x   (so only root can write the directory)
    cd x
    "> x"
    chmod 777 x   (whole world permission to do anything with file x)
    now become the ordinary user again
    cd x

You can vi, ed, etc. the file x, but if you try "rm x" you will get:

    rm: x not removed.
    Permission denied

So that is how AT&T unix works; compare that to Minix.

Henk.

--
  /   /                 Henk de Groot       | Department: PG 9000i - System Services
 /---/ __   __  /       V2/A12-A13          | Internet : groot@idca.tds.philips.nl
/   / (-_  /  / /(      Tel: +31 55 432099  | == PHILIPS INFORMATION SYSTEMS ==
      Disclaimer: I only speak for myself, not for my employer!
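The two experiments in Henk's post, as an added shell example that is not part of the original message and runs as a single unprivileged user instead of switching between root and a normal account. The point it demonstrates is the one Henk makes: unlink(2) is authorised by write and search permission on the containing directory, and the mode bits of the file being removed are not consulted at all. Directory and file names are assumed; `rm -f` is used only so that rm does not stop at its "x: 0 mode ?" style prompt for a non-writable file when no tty is attached (the -f does not bypass any permission check).

```sh
#!/bin/sh
# Added example, not code from the original post.
# Shows that removing a directory entry is governed by the permissions of
# the directory, not of the file. All names below are assumptions.

# Case 1: a file with mode 000 inside a directory we may write to.
# The unlink succeeds: the file's own mode bits are never checked.
demo_unwritable_file_in_writable_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/x"
    chmod 000 "$d/x"          # nobody may read, write or execute x itself
    chmod 700 "$d"            # but the directory is writable by us
    if rm -f "$d/x" 2>/dev/null && [ ! -e "$d/x" ]; then
        result=removed
    else
        result=denied
    fi
    rm -rf "$d"
    echo "$result"
}

# Case 2: a world-writable file inside a directory we may NOT write to.
# For an ordinary user unlink fails with EACCES, even though the file
# itself can be edited freely.
demo_writable_file_in_unwritable_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/x"
    chmod 777 "$d/x"          # whole world may read/write/execute x
    chmod 555 "$d"            # read + search only: no entries may be added or removed
    if rm -f "$d/x" 2>/dev/null && [ ! -e "$d/x" ]; then
        result=removed
    else
        result=denied
    fi
    chmod 700 "$d"            # restore write permission so we can clean up
    rm -rf "$d"
    echo "$result"
}

# Root (uid 0, CAP_DAC_OVERRIDE on Linux) bypasses the directory check, so
# case 2 only shows "denied" when run as an ordinary user. This helper
# states the outcome a caller should expect for the current uid.
expected_for_unwritable_dir() {
    if [ "$(id -u)" -eq 0 ]; then echo removed; else echo denied; fi
}

echo "000 file in a writable directory:  $(demo_unwritable_file_in_writable_dir)"
echo "777 file in a read-only directory: $(demo_writable_file_in_unwritable_dir)"
```

Run it as a normal user to see both of Henk's results without needing a second account or root. Two caveats a practitioner would want: the interactive "0 mode ?" prompt is a courtesy of the rm program, not a kernel check, so any tool calling unlink(2) directly removes the file without asking; and in shared world-writable directories the sticky bit (mode 1777, as on /tmp) adds the restricted-deletion rule, under which only the file's owner, the directory's owner or root may unlink an entry.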