Re: Odd filesystem permission handling

Albert D. Cahalan (acahalan@cs.uml.edu)
Fri, 18 Jun 1999 21:45:10 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Daniel Taylor: "Re: UUIDs (and devfs and major/minor numbers)"
Previous message: David Hinds: "Re: More general resource allocation scheme: a patch to look at"

Arvind Sankar writes:
> On Thu, Jun 17, 1999 at 09:12:29PM -0400, Albert D. Cahalan wrote:
>> Mike A. Harris writes:

>> This must be stopped:
>>
>> ln /etc/passwd ~/passwd
>> chown user.group ~/passwd
>>
>> The UNIX standard would let us restrict the first operation.
>> With that absurdity fixed, chown could be relaxed a bit.
>> Perhaps this: allow chown when the directory owner and new
>> file owner are both in the set of UIDs held by the process.
>> That gives you a "take ownership" in directories you own.
>
> How would UNIX let you restrict the first operation?

The UNIX _standard_ would not be violated if Linux were to
restrict the operation.

> Are you saying that it _should_?

Yes. We don't let people give away their own files to avoid
quota problems, but users can prevent other users from really
deleting files. If I can link your files, I can make you run
out of quota space.

Then there is always the old setuid program that I link to.
Maybe I don't know of any holes, but I might find some later!
Well, I could prevent you from deleting the old program.
(you'd need a separate filesystem to deal with this)

> It does seem to make sense to restrict it, but I'm sure someone will
> point out a reason why it is the way it is, and why it should remain so.

It is the way it is because of the way UNIX evolved.
The OS was designed for a friendly group of developers
on a tiny machine.

Rather than copy a file from someone or risk losing access
when they delete it, you could make a hard link.

Symlinks and shell aliases did not exist. If you wanted to call
the editor "edit", you needed to make a copy (wasteful) or
make a hard link.

At one time, there was no mkdir() call. You could use mknod()
to get one, then add the '.' and '..' entries yourself.
You could freely hard link and unlink directories. If you go
back far enough, I think you could chmod() a file into a
directory. Yep, turn files into directories and back again.

I suspect that the early developers thought hard links were fun.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Daniel Taylor: "Re: UUIDs (and devfs and major/minor numbers)"
Previous message: David Hinds: "Re: More general resource allocation scheme: a patch to look at"