Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!elroy.jpl.nasa.gov!decwrl!ucbvax!dog.ee.lbl.gov!hellgate.utah.edu!csn!boulder!spot.Colorado.EDU!scholes
From: scholes@spot.Colorado.EDU (SCHOLES MARTIN LEE)
Newsgroups: comp.os.minix
Subject: Re: Security hole ?!
Keywords: Program: rm"
Message-ID: <1991Apr10.131200.8723@colorado.edu>
Date: 10 Apr 91 13:12:00 GMT
References: <553@ultrix.uhasun.hartford.edu>
Sender: news@colorado.edu (The Daily Planet)
Organization: University of Colorado, Boulder
Lines: 15
Nntp-Posting-Host: spot.colorado.edu

In article <553@ultrix.uhasun.hartford.edu> mgallagh@uhasun.hartford.edu (Michael Gallagher) writes:
>
>  While doing some more testing/looking-about of Minix [1.5], came across
>what I would tend to  certainly call a  potential security problem in 
>Minix:
>
>   Using two accts that were not priv'd, I found that while files created
>by one could not be read, etc with by the other if protections were not set
>for world or group [umask = 77], they COULD be rm'd. In fact, you are
>prompted as to whether you wish to actually remove this file DESPITE that
>it's protection code is 700 [no world or group access]. 

  The reason is that changes to a directory (creating new files, deleting
old ones) are allowed or not allowed by the directory privileges, not
the file privileges.                            Marty