Path: utzoo!attcan!uunet!husc6!bbn!rochester!pt.cs.cmu.edu!cadre!pitt!darth!orac!pat
From: pat@orac.UUCP (Pat Barron)
Newsgroups: comp.unix.wizards
Subject: Re: Nasty Security Hole?
Message-ID: <133@orac.UUCP>
Date: 20 Nov 88 19:08:37 GMT
References: <175@ernie.NECAM.COM> <189@wyn386.UUCP> <31681@think.UUCP> <145@tree.UUCP>
Reply-To: pat@orac.UUCP (Pat Barron)
Distribution: na
Lines: 14

In article <145@tree.UUCP> stever@tree.UUCP (Steve Rudek) writes:
>Yeah, unfortunately write permission to a file or directory is an
>all-or-nothing matter. You can't give permission to add a new file to
>a directory without also granting permission to wipe out everything in
>that directory, can you?

4.3BSD lets you do this. If you set the "sticky bit" on a directory, then
nobody will be able to remove files from that directory that they don't own,
even if the directory permissions say otherwise.

Lots of sites have /usr/tmp mode 1777 (read/write/execute by all, with sticky
bit). You can add files, and remove them when you're done, but you can't
unlink someone else's file.

--Pat.
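
The following is an added example, not part of the post above: a POSIX shell audit that finds world-writable directories lacking the sticky bit the post describes, and sets it. The function names and the demo directory tree are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the post): sticky-bit audit for shared directories.

# List world-writable directories under $1 that lack the sticky bit.
# In these, any user with write access can unlink other users' files.
find_unsticky() {
    # -perm -0002: "other" write bit set; ! -perm -1000: sticky bit clear.
    # -xdev keeps the walk on a single filesystem.
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# List world-writable directories that already carry the sticky bit,
# such as the mode 1777 /usr/tmp mentioned in the post.
find_sticky() {
    find "$1" -xdev -type d -perm -0002 -perm -1000 -print 2>/dev/null
}

# Set the sticky bit on every directory find_unsticky would report,
# leaving the other permission bits alone, and print each one changed.
fix_unsticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec chmod +t {} \; -print 2>/dev/null
}

# Constructed demo tree: one shared directory with the sticky bit,
# one without, and one that is not world-writable.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared_ok" "$root/shared_bad" "$root/private"
    chmod 1777 "$root/shared_ok"
    chmod 0777 "$root/shared_bad"
    chmod 0755 "$root/private"
    echo "missing sticky bit:"; find_unsticky "$root"
    echo "fixed:";              fix_unsticky "$root"
    echo "now sticky:";         find_sticky "$root"
    rm -rf "$root"
}

demo
```

Pointing find_unsticky at a real filesystem root lists the directories where the all-or-nothing behaviour from the quoted question still applies.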