From: utzoo!decvax!genradbo!stuart
Newsgroups: net.unix-wizards
Title: More on SETUID and linking looters
Article-I.D.: genradbo.1391
Posted: Mon Feb 14 14:18:38 1983
Received: Wed Feb 16 06:30:06 1983

From previous articles you know how to control access to a protected
program using an impassable directory and a setuid program to get
through that directory.

But, you say, a user can escape from the program and make a link?
This is the world of UNIX ---- You can still have the last word.

Remember, you don't have the source for the protected program. If you
did, solutions would be trivial (cd).

Have the setuid program fork off another process. This process is
responsible for neutralizing links to the protected program:

    Check for creation of links (do a stat(2) call of protected program).
    Upon link detection,
        copy program to new file,
        REMOVE ALL PERMISSIONS on protected program
            (thus making it useless to the looter),
        unlink or change name of protected program,
        set appropriate permissions on new protected program,
        rename the copy to original name.

You may also want to consider action to make perpetrator think twice
next time.

--
Stuart Hollander (ucbvax!decvax!genradbolton!stuart)
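
The link check and neutralization steps listed in the post above, as an added C example that is not part of the original article. The names `neutralize_links`, `copy_file`, `demo` and the `.new` temporary suffix are assumptions, and the caller is assumed to own the protected file; the demo runs on a constructed scratch file under /tmp.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Copy src to new file dst, created with no permissions; 0 on success. */
static int copy_file(const char *src, const char *dst)
{
    char buf[4096];
    ssize_t n = -1;
    int in = open(src, O_RDONLY), out = open(dst, O_WRONLY | O_CREAT | O_EXCL, 0);
    while (in >= 0 && out >= 0 && (n = read(in, buf, sizeof buf)) > 0)
        if (write(out, buf, (size_t)n) != n) { n = -1; break; }
    if (in >= 0) close(in);
    if (out >= 0) close(out);
    return n == 0 ? 0 : -1;
}

/* Added example. 1 = link found and neutralized, 0 = none, -1 = error.
   Assumes the caller owns the file; the ".new" temp name is hypothetical. */
int neutralize_links(const char *path, mode_t mode)
{
    struct stat st;
    char tmp[4096];
    if (stat(path, &st) != 0) return -1;
    if (st.st_nlink <= 1) return 0;              /* only our own name exists */
    snprintf(tmp, sizeof tmp, "%s.new", path);
    if (copy_file(path, tmp) != 0) { unlink(tmp); return -1; }
    /* Mode bits live in the inode, so this disables every link to it. */
    if (chmod(path, 0) != 0 || unlink(path) != 0) { unlink(tmp); return -1; }
    return (chmod(tmp, mode) == 0 && rename(tmp, path) == 0) ? 1 : -1;
}

/* Constructed demo: scratch "protected" file plus a looter's link; 1 if OK. */
int demo(void)
{
    char dir[] = "/tmp/linkdemoXXXXXX", prog[64], loot[64];
    struct stat a, b;
    if (!mkdtemp(dir)) return -1;
    snprintf(prog, sizeof prog, "%s/prog", dir);
    snprintf(loot, sizeof loot, "%s/loot", dir);
    int fd = open(prog, O_WRONLY | O_CREAT, 0700);
    if (fd < 0 || write(fd, "x", 1) != 1 || close(fd) || link(prog, loot)) return -1;
    if (neutralize_links(prog, 0711) != 1 || stat(prog, &a) || stat(loot, &b)) return -1;
    int ok = a.st_nlink == 1 && (a.st_mode & 07777) == 0711    /* fresh copy */
          && a.st_ino != b.st_ino && (b.st_mode & 07777) == 0; /* old inode dead */
    unlink(prog); unlink(loot); rmdir(dir);
    return ok;
}
int main(void) { return demo() == 1 ? 0 : 1; }
```

Detection here is by polling, so a new link stays usable until the next stat(2) call notices it; how often the forked watcher calls `neutralize_links` bounds that window.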