Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!rochester!udel!galvin
From: ESC1332%ESOC.BITNET@wiscvm.wisc.edu (K.Keyte)
Newsgroups: comp.os.minix
Subject: Re: SETUID on mkdir and rmdir
Message-ID: <348@louie.udel.EDU>
Date: Mon, 13-Jul-87 20:58:30 EDT
Article-I.D.: louie.348
Posted: Mon Jul 13 20:58:30 1987
Date-Received: Wed, 15-Jul-87 01:19:56 EDT
Sender: galvin@udel.EDU
Lines: 17


galvin@UDEL.EDU replied to my comment about standard UNIX NOT having the
SETUID bits on mkdir and rmdir. Well I accept that some Unices (sic) do
have the SETUID, but I am also quite aware by now that others (where mkdir
and rmdir are actual internal system calls rather than mknod/link & unlink
calls) do NOT have the SETUID.

The simple fact is that MINIX does have the SETUID, and it's use of
the 'access' routine is not quite correct since it doesn't really check
the real uid, because 'access' thinks that it's the super-user, so blindly
grants all access. This allows ANY user to create and delete ANY directory
ANYWHERE with the mkdir and rmdir as they are (within the normal limitations).

I have patched the code to correct this situation, and it now works as it
does on UNIX.

Karl Keyte