Path: utzoo!attcan!uunet!husc6!bloom-beacon!mit-eddie!killer!wybbs!wyn386!mikef
From: mikef@wyn386.UUCP (Mike Faber)
Newsgroups: comp.unix.wizards
Subject: Re: Nasty Security Hole?
Summary: Question
Keywords: mail permissions security
Message-ID: <189@wyn386.UUCP>
Date: 11 Nov 88 17:59:28 GMT
References: <175@ernie.NECAM.COM>
Distribution: na
Organization: Wynalda Litho Inc, Rockford, MI
Lines: 20


I have wondered something about permissions security for a while, now, too.

Why can a person with read permission only be able to remove the file?  For
example, if I have a file of data (statistical data, for example), and I need
for any user in my group to read it as input data into their programs, they
will have read permission to it, but will also be able to remove it (it
makes sure you want to, but if Mr. Morris' worm had been destructive, he
could have wiped out anything that he had READ access to!!!  Is there a point
I'm missing (Op systems back in college doesn't cover enough.  THere ought to be
an ethics, or a security chapter in every O/S book.)  

I'm more curious than worried, but there must be a reason...


-- 
   _   _                  | My employer and sysop do not think,
  (/  (/  _  _   _   _    | so they cannot share my opinions.
 (/)  /\_(/_(/_/|_)_/ \_/ | Joe C Programmer (mikef@wynalda.uucp)  work
               (|     (|  | Michael Faber    (sleepy@wybbs.uucp)   play