Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!dali.cs.montana.edu!uakari.primate.wisc.edu!sdd.hp.com!wuarchive!uunet!munnari.oz.au!brolga!uqcspe!cs.uq.oz.au!tonyg
From: tonyg@cs.uq.oz.au (Tony Gedge)
Newsgroups: comp.os.minix
Subject: Re: Maybe a easy solution for the --x--x--x won't exec problem ?
Message-ID: <1104@uqcspe.cs.uq.oz.au>
Date: 1 May 91 22:20:19 GMT
References: <32@oski.toppoint.de> <1991Apr30.185457.29113@email.tuwien.ac.at>
Sender: news@cs.uq.oz.au
Reply-To: tonyg@cs.uq.oz.au
Lines: 22

In <1991Apr30.185457.29113@email.tuwien.ac.at> hp@vmars.tuwien.ac.at (Peter Holzer) writes:
>programs I don't want other users to use, I just turn off the x-bit of
>the directory and can still work with my normal umask (022). I couldn't
>do that anymore with your `fix'.

As an aside, I got the `--x--x--x' behavior in my kernel by adding an if
condition in fs/open.c.  It is inserted just before the file permission
checking switch statement.  Basically, what I do it say:

if (calling-proc != MM) {
	check-file-permission-switch-statements
	}

Is there a security bug/something not nice in doing it this way?

Tony Gedge.

--
 -------------------------------------------------------------------------
| Computer Science Department,        | tonyg@cs.uq.oz.au   (Tony Gedge)  |
| University of Queensland, Australia.| "cc stands for Cryptic Crossword" |
 -------------------------------------------------------------------------