Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!uunet!email!vmars!hp
From: hp@vmars.tuwien.ac.at (Peter Holzer)
Newsgroups: comp.os.minix
Subject: Re: Maybe a easy solution for the --x--x--x won't exec problem ?
Message-ID: <1991Apr30.185457.29113@email.tuwien.ac.at>
Date: 30 Apr 91 18:54:57 GMT
References: <32@oski.toppoint.de>
Sender: news@email.tuwien.ac.at
Organization: Technical University of Vienna
Lines: 20
Nntp-Posting-Host: nowhere.vmars.tuwien.ac.at

schlut@oski.toppoint.de (Olaf Schlueter) writes:

>[Proposes that FS should open files to be exec'ed with euid of mm
>instead of user so that non-readable files can be executed]

There is a security problem with this approach (If you care about
security). Under Minix and Unix, to execute a program you do not only
need execute-permissions for the file, but also search-permissions for
all the directories leading to it. If FS opens the file with MMs
permissions instead of that of the user, you can execute any program if
it is world-executable and you know its full pathname. If I write
programs I don't want other users to use, I just turn off the x-bit of
the directory and can still work with my normal umask (022). I couldn't
do that anymore with your `fix'.

--
|    _  | Peter J. Holzer                       | Think of it   |
| |_|_) | Technical University Vienna           | as evolution  |
| | |   | Dept. for Real-Time Systems           | in action!    |
| __/   | hp@vmars.tuwien.ac.at                 |     Tony Rand |