Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!munnari!moncskermit!goanna!yabbie!rcodi From: rcodi@yabbie.rmit.oz (Ian Donaldson) Newsgroups: comp.bugs.sys5 Subject: Re: mvdir, is or is not a bug? Message-ID: <402@yabbie.rmit.oz> Date: Fri, 23-Jan-87 00:27:46 EST Article-I.D.: yabbie.402 Posted: Fri Jan 23 00:27:46 1987 Date-Received: Fri, 23-Jan-87 22:39:28 EST References: <376@oblio.UUCP> <1987Jan14.123035.20364@sq.uucp> <512@csun.UUCP> Organization: RMIT Comm & Elec Eng, Melbourne, Australia. Lines: 35 Keywords: S5 mvdir mv In article <512@csun.UUCP>, aeusemrs@csun.UUCP (Mike Stump) writes: > Gee, I though every one knew why they FIXED mv in System V. > It is a security loophole, isn't it obvious? (:-)) That is why > they ONLY allow root to run it in SVR2. > Ok, now to get to the meat of the matter: > it > is the problem with the person that set up the group write > priv on d0 that screwed it all up Yes, but since it is a problem with some administrator screwing things up then why change the mv command? The problem would have surely disappeared by using chmod appropriately, no? Publicly or Group writeable directories are certainly asking for trouble in the wrong environment. If there is a better explanation of why mvdir was separated out from mv, I and probably many others are all ears. > I agree completely (I hope) that Unix (when > managed properly) is very secure. Surely, as good as the next system. Given the freedom that *can* be made available under UNIX in the appropriate environments that just *isn't* available on a lot of other O/S's, its certainly nice to have a choice in the matter. > I know this one little article is going to cause an avalanche > of of articles, but I feel I can say nothing to stop them... You're probably right. Ian D.