Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!bu-cs!purdue!decwrl!sun!quintus!ok
From: ok@quintus.uucp (Richard A. O'Keefe)
Newsgroups: comp.unix.wizards
Subject: Re: rm etc. (was: Nasty Security Hole?)
Message-ID: <783@quintus.UUCP>
Date: 30 Nov 88 14:54:24 GMT
References: <175@ernie.NECAM.COM> <189@wyn386.UUCP> <8910@smoke.BRL.MIL> <118@hudson.Morgan.COM> <8941@smoke.BRL.MIL> <480@auspex.UUCP> <8956@smoke.BRL.MIL> <730@quintus.UUCP> <13193@ncoast.UUCP>
Sender: news@quintus.UUCP
Reply-To: ok@quintus.UUCP (Richard A. O'Keefe)
Distribution: na
Organization: Quintus Computer Systems, Inc.
Lines: 26

In article <13193@ncoast.UUCP> allbery@ncoast.UUCP (Brandon S. Allbery) writes:
>As quoted from <730@quintus.UUCP> by ok@quintus.uucp (Richard A. O'Keefe):
>| 	% att rm zabbo
>| 	zabbo: 0 mode ? n
>| 	% bsd rm zabbo
>| 	rm: override protection 0 for zabbo? n
>If UUNET is any guide, V.2 on Sequents isn't.
>	$ >foo ; chmod 0 foo ; rm foo
>	rm: remove foo? n
>
>I've seen the above on quite a few systems of V.2, V.3, and Xenix 5.x
>persuasions.

UNIX System V/386 Release 3.0 80386 says
	foo: 0 mode ?
just like the Sequent.  There is more reason to doubt UUNET:  the SVID
clearly and explicitly states in RM(BU_CMD) that
	If a file has no write permission
	and the standard input is a terminal,
	its [presumably the file's] permissions are printed
	and a line is read from the standard input.
Something which purports to be V.2 "rm" ought to obey the SVID and
print the permissions *somehow* (though the SVID doesn't specify a
format).

Internationalisation will be a great opportunity to tidy this up.