Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!gatech!udel!mmdf
From: ESC1332%ESOC.BITNET@wiscvm.wisc.edu (K.Keyte)
Newsgroups: comp.os.minix
Subject: Re: SETUID problems with mkdir & rmdir
Message-ID: <376@louie.udel.EDU>
Date: Tue, 21-Jul-87 17:28:49 EDT
Article-I.D.: louie.376
Posted: Tue Jul 21 17:28:49 1987
Date-Received: Thu, 23-Jul-87 04:38:03 EDT
Sender: mmdf@udel.EDU
Lines: 29


Let me straighten this mess out with regards to SETUID and mkdir/rmdir...

MINIX WAS doing something wrong with the access() system call. The error
itself was in forbidden() where it checks the permissions. It's supposed
to allow the option to check REAL or EFFECTIVE uids, and access() always
asks to check the REAL uid. HOWEVER, forbidden() looks at the global variable
super_user (which is set TRUE iff the EFFECTIVE uid is that of the super-user)
and grants FULL access if this is set. This is incorrect, the code in
forbidden() should be changed FROM:

     if (super_user)
           perm_bits = 07;

TO:  if (test_uid == SU_UID)
           perm_bits = 07;

I hope this stops the barrage of mis-understandings, and we can close the
matter.

Point 2
-------

I've written a noddy routine to load the MINIX clock from the CMOS battery-
backed RAM on an AT. If anyone's interested in the code, let me know and I'll
either send them out individually or back to the list depending on the
response.

Karl