Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!rochester!udel!galvin From: ESC1332%ESOC.BITNET@wiscvm.wisc.edu (K.Keyte) Newsgroups: comp.os.minix Subject: Re: SETUID on mkdir and rmdir Message-ID: <348@louie.udel.EDU> Date: Mon, 13-Jul-87 20:58:30 EDT Article-I.D.: louie.348 Posted: Mon Jul 13 20:58:30 1987 Date-Received: Wed, 15-Jul-87 01:19:56 EDT Sender: galvin@udel.EDU Lines: 17 galvin@UDEL.EDU replied to my comment about standard UNIX NOT having the SETUID bits on mkdir and rmdir. Well I accept that some Unices (sic) do have the SETUID, but I am also quite aware by now that others (where mkdir and rmdir are actual internal system calls rather than mknod/link & unlink calls) do NOT have the SETUID. The simple fact is that MINIX does have the SETUID, and it's use of the 'access' routine is not quite correct since it doesn't really check the real uid, because 'access' thinks that it's the super-user, so blindly grants all access. This allows ANY user to create and delete ANY directory ANYWHERE with the mkdir and rmdir as they are (within the normal limitations). I have patched the code to correct this situation, and it now works as it does on UNIX. Karl Keyte