Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!husc6!think!ames!ptsfa!ihnp4!homxb!houxm!hoxna!lou
From: lou@hoxna.UUCP
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: SysV's chown ing makes it hard to track file creators.
Message-ID: <1150@hoxna.UUCP>
Date: Mon, 16-Mar-87 14:11:36 EST
Article-I.D.: hoxna.1150
Posted: Mon Mar 16 14:11:36 1987
Date-Received: Wed, 18-Mar-87 01:14:58 EST
References: <713@aw.sei.cmu.edu.sei.cmu.edu>
Organization: Bell Labs, Holmdel,N.J
Lines: 18
Xref: utgpu comp.unix.questions:1392 comp.unix.wizards:1414
Summary: You can track command executions, tho.

In article <713@aw.sei.cmu.edu.sei.cmu.edu>, pdb@sei.cmu.edu (Patrick Barron) writes:
>
> I, for one, wouldn't want there to be any way for a non-root user to make
> it look like I created some random file (like, for instance, writing a program
> to do some anti-social thing like a mkdir/chdir loop, moving it into /usr/tmp,
> and chowning it to me). Is there any way to track the original creator of
> a file?
>

Well, you can't track the original creator easily, but the evil loop
would run under the perpetrator's UID, so you could look in the
accounting files and see which person executed 100,000 mkdirs at that
particular time. (What's accounting like on BSD ?)

> But then again, I use real Unix, not System V :-).

Nah, SysV is the *real* UNIX (tm). BSD's, like, a *mutant* or something. :-)

lou @ hoxna
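
An added example, not part of the original post, of the accounting check suggested in the reply: count how often each user ran a given command inside a time window. The record layout (COMMAND USER HH:MM:SS), the function names and the user "mallory" are assumptions made for illustration; real accounting reports carry more columns.

```shell
#!/bin/sh
# Added example: per-user count of one command inside a time window.
# Record layout is a constructed, simplified one: COMMAND USER HH:MM:SS
# (real accounting reports have more columns; adjust the field numbers).

# count_cmd_by_user CMD START END -- reads records on stdin and
# prints "COUNT USER" lines, busiest user first.
count_cmd_by_user() {
    awk -v cmd="$1" -v start="$2" -v end="$3" '
        # String comparison is enough because HH:MM:SS is fixed width.
        $1 == cmd && ($3 "") >= start && ($3 "") <= end { n[$2]++ }
        END { for (u in n) print n[u], u }
    ' | sort -k1,1nr -k2,2
}

# flag_heavy_users CMD START END THRESHOLD -- users at or above THRESHOLD.
flag_heavy_users() {
    count_cmd_by_user "$1" "$2" "$3" | awk -v t="$4" '$1 >= t { print $2 }'
}

# Constructed sample records (not taken from any real system). The files
# may end up owned by pdb after the chown, but each record still names
# the UID that actually ran the command.
sample_records() {
    cat <<'EOF'
mkdir mallory 14:05:01
mkdir mallory 14:05:01
mkdir mallory 14:05:02
mkdir mallory 14:05:02
ls    pdb     14:05:03
mkdir pdb     14:06:10
mkdir mallory 13:10:00
chown mallory 14:07:00
EOF
}

sample_records | count_cmd_by_user mkdir 14:00:00 14:30:00
```

To use it on a real system, feed it the accounting report for the period in question and change the awk field numbers to match that report's columns.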