Path: utzoo!utgpu!water!watmath!clyde!att!alberta!ncc!lyndon
From: lyndon@ncc.Nexus.CA (Lyndon Nerenberg)
Newsgroups: comp.mail.sendmail
Subject: Re: problems with new users' mail file creation
Message-ID: <10331@ncc.Nexus.CA>
Date: 15 Jul 88 05:09:56 GMT
References: <876@garth.UUCP> <1410006@hpfclp.SDE.HP.COM>
Reply-To: lyndon@ncc.nexus.ca (Lyndon Nerenberg)
Organization: Nexus Computing Inc.
Lines: 19

In article <1410006@hpfclp.SDE.HP.COM> diamant@hpfclp.SDE.HP.COM (John Diamant) writes:
>Would you care to explain that item about the sticky bit?  I always thought that the
>sticky bit was merely an efficiency hack.  Are you saying that it actually
>changes the security of the running program?  How?

In some BSD implementations, setting the sticky bit on a directory says
that (if you have the appropriate write permission) you can create a
file in that directory, however you have to be the owner of the file
in order to remove it.

We use this feature in a number of public "spool" directories where we
don't want to run an suid program solely for the purpose of protecting
files from inadvertent or malicious deletion.

[ Where did this "feature" originate, anyway ?? ]

-- 
{alberta,pyramid,uunet}!ncc!lyndon  lyndon@Nexus.CA
Ain't singin' for Miller...
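
[ Added example, not part of the original post: a shell sketch of the spool
directory setup described above, plus an audit that lists world-writable
directories missing the sticky bit. The function names and the temporary
demo tree are assumptions made for illustration. ]

```shell
#!/bin/sh
# Added example: sticky-bit spool directories and an audit for unprotected ones.

# Create a public spool directory: mode 1777 lets any user create files,
# while the sticky bit (01000) restricts removal of a file to its owner
# (on current systems also the directory's owner and root).
make_spool() {
    mkdir -p "$1" && chmod 1777 "$1"
}

# List directories under $1 that are world-writable (o+w) but lack the
# sticky bit, i.e. places where one user can delete another user's files.
unprotected_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# Constructed demo tree: one open directory, one sticky spool, one private.
demo() {
    demo_root=$(mktemp -d) || return 1
    mkdir "$demo_root/open"    && chmod 0777 "$demo_root/open"
    make_spool "$demo_root/spool"
    mkdir "$demo_root/private" && chmod 0755 "$demo_root/private"

    echo "Modes (note the trailing 't' on the spool directory):"
    ls -ld "$demo_root/open" "$demo_root/spool" "$demo_root/private"

    echo "World-writable without sticky bit:"
    unprotected_dirs "$demo_root"

    # Remediate the finding and confirm the audit comes back empty.
    chmod +t "$demo_root/open"
    echo "After chmod +t, remaining findings: $(unprotected_dirs "$demo_root" | wc -l)"

    rm -rf "$demo_root"
}

demo
```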