Re: root permissions

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Norman Wilson: "Re: root permissions"
• Previous message: Alexander Haiut: "Re: RPC protocol problem?"
• In reply to: KevinTX: "Re: root permissions"
• Next in thread: Frank Chen: "Re: root permissions"

KevinTX writes:
> 
> > 	Well, this is not a bug but a question on
> > the design of most Unix systems. It seams to me, and
> > I tried this on Ultrix 4.3, HPUX 9.01, Linux 1.1.x,
> > when root opens a file, being the owner or not, the 
> > system does not check the  file permissions before
> > granting him access. The same goes for writting and
> > unlinking a file.
> 
> I've long considered this to be "wrong" as well.  Forcing root to have to 
> obey whether something is allowed to be writable by root would close up a 
> lot of the various holes out there.  Of course this creates problems with 
> things like the traditional "passwd" program that would then have to know 
> to do a chmod to give root write perms to the password file..

What about adding an option to the open() system call?  eg:
open("/etc/passwd", O_WRONLY | O_ROOTPRIVS, 0);

That would allow a privileged file open to be explicit request rather
than an "accident".  Still, I wonder if it'd buy anything?  Would
slack programmers use the flag on everything?

At least, it'd solve the chmod inconvenience.

-Peter

• Next message: Norman Wilson: "Re: root permissions"
• Previous message: Alexander Haiut: "Re: RPC protocol problem?"
• In reply to: KevinTX: "Re: root permissions"
• Next in thread: Frank Chen: "Re: root permissions"