Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!seismo!gatech!udel!mmdf From: ESC1332%ESOC.BITNET@wiscvm.wisc.edu (K.Keyte) Newsgroups: comp.os.minix Subject: Re: SETUID problems with mkdir & rmdir Message-ID: <376@louie.udel.EDU> Date: Tue, 21-Jul-87 17:28:49 EDT Article-I.D.: louie.376 Posted: Tue Jul 21 17:28:49 1987 Date-Received: Thu, 23-Jul-87 04:38:03 EDT Sender: mmdf@udel.EDU Lines: 29 Let me straighten this mess out with regards to SETUID and mkdir/rmdir... MINIX WAS doing something wrong with the access() system call. The error itself was in forbidden() where it checks the permissions. It's supposed to allow the option to check REAL or EFFECTIVE uids, and access() always asks to check the REAL uid. HOWEVER, forbidden() looks at the global variable super_user (which is set TRUE iff the EFFECTIVE uid is that of the super-user) and grants FULL access if this is set. This is incorrect, the code in forbidden() should be changed FROM: if (super_user) perm_bits = 07; TO: if (test_uid == SU_UID) perm_bits = 07; I hope this stops the barrage of mis-understandings, and we can close the matter. Point 2 ------- I've written a noddy routine to load the MINIX clock from the CMOS battery- backed RAM on an AT. If anyone's interested in the code, let me know and I'll either send them out individually or back to the list depending on the response. Karl