Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!pollux.usc.edu!kjh
From: kjh@pollux.usc.edu (Kenneth J. Hendrickson)
Newsgroups: comp.os.minix
Subject: Re: Security hole ?!
Message-ID: <31804@usc>
Date: 10 Apr 91 20:31:07 GMT
References: <50276@nigel.ee.udel.edu>
Sender: news@usc
Organization: EE-Systems, USC, Los Angeles
Lines: 12
Nntp-Posting-Host: pollux.usc.edu

In article <50276@nigel.ee.udel.edu> HBO043%DJUKFA11.BITNET@cunyvm.cuny.edu (Christoph van Wuellen) writes:
>On UNIX, you can e.g. remove files beloging to other users if they reside
>in /tmp

Not in BSD.  I think that BSD handles this correctly.  A file owned by
another user in /tmp should not be unlinkable if it doesn't have write
status for the user doing the unlinking, even if the directory gives
write status to that user.

-- 
favourite oxymorons:   student athlete, military justice, mercy killing
Ken Hendrickson N8DGN/6       kjh@usc.edu      ...!uunet!usc!pollux!kjh