Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!think.com!mintaka!bloom-beacon!eru!hagbard!sunic!mcsun!tuvie!vmars!hp
From: hp@vmars.tuwien.ac.at (Peter Holzer)
Newsgroups: comp.os.minix
Subject: Re: Security hole ?!
Message-ID: <2406@tuvie.UUCP>
Date: 15 Apr 91 15:38:49 GMT
References: <50505@nigel.ee.udel.edu>
Sender: plank@tuvie.UUCP
Lines: 16

HBO043%DJUKFA11.BITNET@cunyvm.cuny.edu (Christoph van Wuellen) writes:

>I am pretty sure that I can remove files owned by other's in /tmp
>even if they are not writable under SunOS 4.X, which should behave
>BSD-like.

>-- I have just done exactly that.

In BSD the sticky bit is used to prevent people from unlinking other peoples
files in world writable directories. Only the owner of the directory and the
owner of the file can unlink files in a directory with the sticky bit set.
--
|    _  | Peter J. Holzer                       | Think of it   |
| |_|_) | Technical University Vienna           | as evolution  |
| | |   | Dept. for Real-Time Systems           | in action!    |
| __/   | hp@vmars.tuwien.ac.at                 |     Tony Rand |