Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!henry
From: henry@utzoo.UUCP (Henry Spencer)
Newsgroups: net.bugs.4bsd
Subject: Re: Symbolic Links VS. Security
Message-ID: <4649@utzoo.UUCP>
Date: Fri, 16-Nov-84 13:01:36 EST
Article-I.D.: utzoo.4649
Posted: Fri Nov 16 13:01:36 1984
Date-Received: Fri, 16-Nov-84 13:01:36 EST
References: <442@unmvax.UUCP> <159@utecfa.UUCP> <150@stat-l> <4394@utzoo.UUCP>
Organization: U of Toronto Zoology
Lines: 30

> There was plenty of thought about those issues that were issues.

You mean, about those issues that people thought were issues.  I've seen
no evidence that anyone realized that symbolic links are a significant
change to the semantics of the pathname->file mapping.  It is hard to
imagine anything more central to UNIX.  Yet symbolic links appear to
have been treated as a trivial extra.  I stand by my original statement:
the implications of symbolic links were not fully understood.  They still
aren't.  By anyone.

> Security, though, was not a major issue - when you get a 4.2
> system, you get the system that Berkeley prepared for ARPA.
> There were certain goals, tight security was (to the best of
> my knowledge) never one of them.  If you don't like that,
> then run something else.

If ARPA said anything explicit about it at all, I would suspect that
"security no worse than 4.1BSD" would have been mentioned.  It is
one thing to say that tight security was not an issue; it is another
to weaken security seriously without telling anyone, and (apparently)
without even realizing it was happening.

> ps: Henry - How do you manage to find a job where you get time
> 	to post all that news ??   :-)

A religious policy of unsubscribing to non-technical newsgroups frees
up a remarkable amount of time...  :-)
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry