Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!seismo!rochester!pt.cs.cmu.edu!sei.cmu.edu!pdb
From: pdb@sei.cmu.edu.UUCP
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: System V letting random users chown
Message-ID: <713@aw.sei.cmu.edu.sei.cmu.edu>
Date: Sun, 15-Mar-87 02:14:49 EST
Article-I.D.: aw.713
Posted: Sun Mar 15 02:14:49 1987
Date-Received: Sun, 15-Mar-87 14:02:43 EST
Sender: netnews@sei.cmu.edu
Organization: Carnegie-Mellon University, SEI, Pgh, Pa
Lines: 18
Xref: utgpu comp.unix.questions:1379 comp.unix.wizards:1396

Hmm...looks like my ignorance of the "offical" AT&T Unixes is showing.
But then again, I use real Unix, not System V :-).

Anyway, if System V clears the 6000 bits of the file protection, then
the set-uid glitch is a non-issue, but opens up a bunch of other problems.
I, for one, wouldn't want there to be any way for a non-root user to make
it look like I created some random file (like, for instance, writing a program
to do some anti-social thing like a mkdir/chdir loop, moving it into /usr/tmp,
and chowning it to me).  Is there any way to track the original creator of
a file?

For files that need to be accessed by groups of people, the BSD group list
concept really works much better (does Sys V have an analog to this?)

And speaking of "official" AT&T Unix, does anyone know if they ever plan
to make Eighth Edition Unix available outside of AT&T?

--Pat.