Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utcs!mnetor!seismo!munnari!kre
From: kre@munnari.UUCP
Newsgroups: net.unix-wizards
Subject: Re: so who has mkdir and rmdir for non-4.2 systems
Message-ID: <1183@munnari.OZ>
Date: Sun, 13-Jul-86 13:24:14 EDT
Article-I.D.: munnari.1183
Posted: Sun Jul 13 13:24:14 1986
Date-Received: Sun, 13-Jul-86 20:29:21 EDT
References: <1885@brl-smoke.ARPA> <6179@elsie.UUCP> <5060@sun.uucp>
Organization: Comp Sci, Melbourne Uni, Australia
Lines: 23
Summary: None of the posted mkdir/rmdir's deal with use from a setuid program

To emulate 4.[23]'s mkdir()/rmdir() correctly, you have to
be able to do the right thing when the invoking program is
setuid to someone.

That absolutely rules out using system("mkdir") or popen("mkdir")
as the mkdir program is setuid root, and it won't inherit the
correct "real" uid (the effective uid of the calling program).

I can't locate the right Sys V manual to be able to determine
if it can be done sensibly with fork()/exec*() and a setuid()
of some variety in between.

On v7, 4.1bsd, etc, this is a hard problem, don't expect to be
able to solve it quickly!

Neither of the posted mkdir()'s had the args right either.
4.[23]'s mkdir is mkdir(path, mode) not mkdir(path).  Of
course, its trivial to add a umask to fix this (nb: not
a chmod after the directory is made, or there will be a window
when it exists without the correct permissions, which could
be fatal).

Robert Elz		seismo!munnari!kre  kre%munnari.oz@seismo.css.gov