Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1a 12/4/83; site rlgvax.UUCP Path: utzoo!linus!philabs!seismo!rlgvax!guy From: guy@rlgvax.UUCP (Guy Harris) Newsgroups: net.unix-wizards Subject: Re: file access Message-ID: <1569@rlgvax.UUCP> Date: Tue, 17-Jan-84 23:19:32 EST Article-I.D.: rlgvax.1569 Posted: Tue Jan 17 23:19:32 1984 Date-Received: Thu, 19-Jan-84 01:32:30 EST References: <15625@sri-arpa.UUCP> Organization: CCI Office Systems Group, Reston, VA Lines: 25 It seems to me that there should be some way to make it such that a user program could not read a 'directory file', that his program would use a 'system call' to read the 'next' entry in this directory file if the protection permitted, it seems this would make the file system in general more secure, or did I miss something? Oh, yes, I am aware, that if this was ever done, the 'world' would break, but that's a small price to pay for security, or is it? First, what do you mean by "secure"? Secure in the sense of "secure against crashes trashing things", or secure in the sense of "secure against protection violations"? If the former, reading a directory doesn't write to the disk (except for setting the directory file's access time which should happen even in your scheme) so this change contributes nothing. If the latter, UNIX already can protect the directory as a whole against reading; just turn off the appropriate "r" bit. If you meant protecting specific directory entries, what bit would indicate whether the user would be allowed to read that entry or not? For that matter, what security holes are created by permitting the user to read directory entries? Guy Harris {seismo,ihnp4,allegra}!rlgvax!guy