Path: utzoo!attcan!uunet!husc6!mailrus!uflorida!haven!adm!xadmx!rbj@nav.icst.nbs.gov From: rbj@nav.icst.nbs.gov (Root Boy Jim) Newsgroups: comp.unix.wizards Subject: Nasty Security Hole? Message-ID: <17620@adm.BRL.MIL> Date: 22 Nov 88 17:19:41 GMT Sender: news@adm.BRL.MIL Lines: 27 ? From: Doug Gwyn ? In article <2470@aplcomm.jhuapl.edu> trn%warper.jhuapl.edu@aplvax.jhuapl.edu (Tony Nardo) writes: ? >A pity the implementers of UNIX didn't borrow one the idea of having a ? >separate "delete" bit. It's one of a number of DEC features I miss. ? What in the world would it MEAN? It is the DIRECTORY that is modified ? by an unlink, not the inode. Would a "delete" bit then mean that no ? links to the inode could be removed? Think about the consequences for ? a bit. It would be horrible! I'm not so sure. VMS has just that, and seems to work OK (did I actually say that?). It also has a set of system bits that apply only to the system account. How nice it would be to be able to be able as root to chmod a file to some mode and then not be able to delete it before chmod'ing it back to something else. I have often felt that UNIX cramming mode and type bits together was somewhat limiting. Perhaps 16 bits for the mode a la VMS is a bit much, and the semantics would have to be rethought (yes, it is the directory that is modified, but the rm command attempts to give the file something to say about it, and the kernel could do the same), but think of all the FEECHURS we could add to the kernel!!! :-) (Root Boy) Jim Cottrell (301) 975-5688 or Crackers and Worms -- Breakfast of Champions!