Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: mcvax!uva!dik@uunet.uu.net
Newsgroups: comp.sys.sun
Subject: Re: Two bugs: sticky bit directory and ld -e
Message-ID: <600@uva.UUCP>
Date: 31 Jan 89 13:02:38 GMT
References: <5761@etana.tut.fi>
Sender: usenet@rice.edu
Organization: Faculteit Wiskunde & Informatica, Universiteit van Amsterdam
Lines: 27
Approved: Sun-Spots@rice.edu
Original-Date: 21 Jan 89 21:48:51 GMT
X-Sun-Spots-Digest: Volume 7, Issue 128, message 7 of 10
X-Issue-Reference: v7n108

mcvax!tut.fi!hmj@uunet.uu.net (Hannu-Matti J{rvinen) writes:
>Sticky bit in directories prevents removing the files in the directory
>without write privilege to the file and the directory....But what happens
>if you use mv to rename files without write protection in a directory
>with the sticky bit and write permissions?...

I assume you use SunOs 3.4 or 3.5 I have the same problem.  This problem
also occured on a Gould PN900 running UTX 2.03.  It allowed two conspiring
users to create loops in the file system.  My guess is that it is early
4.3 BSD code, our vanilla 4.3 Vax doesn't have the problem.  Another
problem I have is that ordinary users can't switch on sticky bits on their
directories. (I rather like this bug, I must admit considering the above)

>.......  So I believe that, even if one could create an additional link
>to a directory, the super user can still remove it....--wnl ]]

In SunOs 3.x NOONE is allowed to remove hardlinks to directory.  Unlink(2)
returns 'Not Owner', even when called as superuser.  So you can only zap
(clri/fsck/reboot) a directory-inode with more than one link other than
'.' and various '..' entries.

[[ Yeah, I didn't think that sounded right when I came across it.  But
that's what the documentation says!  --wnl ]]

Casper H.S. Dik
University of Amsterdam     |		      dik@uva.uucp
The Netherlands             |                 ...!uunet!mcvax!uva!dik