Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!usc!snorkelwacker!bloom-beacon!bloom-beacon!wesommer From: wesommer@athena.mit.edu (Bill Sommerfeld) Newsgroups: comp.unix.wizards Subject: Re: SUID directories -- security concern? Message-ID: Date: 27 Feb 90 01:18:05 GMT References: <14198@s.ms.uky.edu> <26270009@hpclisp.HP.COM> <4555@hemuli.tik.vtt.fi> <2156@baird.cs.strath.ac.uk> Sender: news@athena.mit.edu (News system) Organization: mit Lines: 35 In-Reply-To: jim@cs.strath.ac.uk's message of 26 Feb 90 14:05:39 GMT [i.e. If I ask someone to look at /foo/bar, the file they see should be the one that I see. ] It all depends on your definition of "same". You seem to imply that it should always mean "having the exact same bit pattern as contents", but that's not always meaningful. If I tell someone to execute "~wesommer/bin/demo" they should wind up executing the "demo" program appropriate to their machine's CPU type.. I shouldn't have to tell them "if you're on an xxx type of machine, run "~wesommer/xxxbin/demo". There are other approaches to this, such as the "compound executable" found in Domain/OS (essentially an "archive"-like file containing multiple executable formats; the program loader uses the portion of the file that it finds interesting). I agree, CDF's look like a kludge, and can be confusing *because you have to do something special to see them as CDF's*. However, other context-dependant-naming schemes which *are* visible using normal tools -- like the various forms of variant symlinks in Domain/OS and in other "multi-universe" systems, or the "magic cookie" approach of the Andrew File System, are not particularly confusing, and are quite useful. - Bill -- Henry Spencer is so much of a | Bill Sommerfeld at MIT/Project Athena minimalist that I often forget | sommerfeld@mit.edu he's there - anonymous |