Path: utzoo!utgpu!water!watmath!clyde!rutgers!mailrus!nrl-cmf!cmcl2!brl-adm!brl-smoke!gwyn
From: gwyn@brl-smoke.ARPA (Doug Gwyn )
Newsgroups: comp.lang.c
Subject: Re: system
Message-ID: <7218@brl-smoke.ARPA>
Date: 8 Feb 88 12:09:56 GMT
References: <127@dcrbg1.UUCP> <1670009@otter.HP.COM> <7@obie.UUCP> <2824@cbdkc1.ATT.COM>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 15

In article <2824@cbdkc1.ATT.COM> pmd@cbdkc1.UUCP (Paul Dubuc) writes:
>After the mknod(), you need two calls to link() to make it properly:
[...]
>I never understood why making directories was a super user priviledge.

Because, if the links weren't done right, the directory hierarchy could
be turned into a royal mess.  Therefore only a limited amount of
(presumably carefully-checked) code was permitted to make directories,
and everything else had to ask the privileged process to help get it
right.  Indeed, this is the main point of the "superuser" on UNIX;
far from being a security problem, as you read in various places, it
is the minimum mechanism that is absolutely necessary to ensure that
important system operations are carried out securely.  Unfortunately
a lot of people who don't grok simplicity are working to pile a mess
of more conventional layered security features on UNIX.  Too bad.