Path: utzoo!attcan!uunet!aplcen!uakari.primate.wisc.edu!brutus.cs.uiuc.edu!apple!sun-barr!newstop!texsun!convex!convex.COM
From: tchrist@convex.COM (Tom Christiansen)
Newsgroups: comp.unix.wizards
Subject: Re: SUID directories -- security concern?
Message-ID: <100262@convex.convex.com>
Date: 26 Feb 90 16:26:09 GMT
References: <14198@s.ms.uky.edu> <26270009@hpclisp.HP.COM> <4555@hemuli.tik.vtt.fi>
Sender: news@convex.com
Reply-To: tchrist@convex.COM (Tom Christiansen)
Organization: CONVEX Software Development, Richardson, TX
Lines: 54

In article <4555@hemuli.tik.vtt.fi> tml@hemuli.tik.vtt.fi (Tor Lillqvist) writes:
>The context-dependent files in HP-UX is IMHO a rather clever idea. A
>bit like Apollo's symbolic links containing environment variables. Is
>there any chance of other vendors taking up the idea?

In ConvexOS, you have conditional symbolic links that work this way:
you've a one-byte field in your user entry called u_warp which is the
current "universe". When evaluating the symbolic links, the kernel
takes into consideration your current u_warp value, and uses this as
an index into the "|"-delimited contents of the links. There are
system calls to set and get your current warp. If an /etc/warps
exists, it defines the mapping between string and numeric universes
for use by library routines. Watch:

    % cat /etc/warps
    #
    # warp logical name to physical value translation file.
    #
    # entries are of the form:
    #       value   name    optional_aliases
    0       release default base zero       # installed system
    1       patch   fixes                   # patched system
    2       new                             # up-coming release
    % warp release
    % warp patch
    %

Watch:

    % mv /bin/ld /usr/old/
    % ln -s "/usr/old/ld|/usr/new/ld" /bin/ld
    % ll /bin/ld
    lrwxrwxrwx  1 tchrist        23 Feb 26 10:15 /bin/ld -> /usr/old/ld|/usr/new/ld

If you're in universe 0, you get /usr/old/ld, universe 1 you get
/usr/new/ld, and anything else (like universe 2) you get universe 0,
which is /usr/old/ld.

This is utterly undocumented, unsupported, and subject to change
without notice. We merely use it internally for more flexible build
environments, for which it's a nice solution. If you think regular
symbolic links introduce another order of complexity into the file
system that have the potential for massive confusion, just consider
what these do.

--tom
--
Tom Christiansen                  {uunet,uiucdcs,sun}!convex!tchrist
Convex Computer Corporation       tchrist@convex.COM
"EMACS belongs in : Editor too big!"
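
Added example, not part of the original post and not ConvexOS code: a userland Python model of the lookup the post describes, useful for auditing which file each universe reaches through one conditional link. The function names are hypothetical, the sample data is constructed from the post's own listing, and the out-of-range fallback follows the post's description only.

```python
# Userland model of the conditional-symlink lookup described in the post.
# Assumption: this is NOT ConvexOS code; all function names are hypothetical.

# Constructed sample: the /etc/warps contents shown in the post.
WARPS_FILE = """\
#
# warp logical name to physical value translation file.
#
0 release default base zero   # installed system
1 patch fixes                 # patched system
2 new                         # up-coming release
"""

def parse_warps(text):
    """Map every universe name and alias to its numeric value."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank or comment-only line
        value = int(fields[0])
        if not 0 <= value <= 255:  # u_warp is a one-byte field
            raise ValueError(f"universe out of range: {value}")
        for name in fields[1:]:
            table[name] = value
    return table

def resolve(link_contents, warp):
    """Pick the '|'-delimited alternative for this universe.

    An index past the end falls back to universe 0, as the post states.
    """
    alternatives = link_contents.split("|")
    if 0 <= warp < len(alternatives):
        return alternatives[warp]
    return alternatives[0]

def audit(link_contents, warps):
    """List the target each named universe would reach through one link."""
    return {name: resolve(link_contents, value)
            for name, value in sorted(warps.items())}

if __name__ == "__main__":
    warps = parse_warps(WARPS_FILE)
    for name, target in audit("/usr/old/ld|/usr/new/ld", warps).items():
        print(f"{name:8} -> {target}")
```

Run against the post's /bin/ld link, the audit shows that the same path yields /usr/new/ld only for universe 1 and its alias, so a review of what a path executes has to be done once per universe.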