From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262253AbTJAOWa (ORCPT ); Wed, 1 Oct 2003 10:22:30 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262256AbTJAOWa (ORCPT ); Wed, 1 Oct 2003 10:22:30 -0400 Received: from ns.suse.de ([195.135.220.2]:16551 "EHLO Cantor.suse.de") by vger.kernel.org with ESMTP id S262253AbTJAOWY (ORCPT ); Wed, 1 Oct 2003 10:22:24 -0400 To: root@chaos.analogic.com Cc: Jurjen Oskam , linux-kernel mailing list Subject: Re: File Permissions are incorrect. Security flaw in Linux References: <1065012013.4078.2.camel@lisaserver> <20031001135322.GA16692@quadpro.stupendous.org> From: Andreas Schwab X-Yow: GOOD-NIGHT, everybody.. Now I have to go administer FIRST-AID to my pet LEISURE SUIT!! Date: Wed, 01 Oct 2003 16:22:15 +0200 In-Reply-To: (Richard B. Johnson's message of "Wed, 1 Oct 2003 10:09:51 -0400 (EDT)") Message-ID: User-Agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org "Richard B. Johnson" writes: > ...So anything you put into "/tmp", for instance, can be deleted > by anybody. This is the Unix way. ...Unless your /tmp is marked properly with +t (sticky bit), so that you can only delete your own files. Andreas. -- Andreas Schwab, SuSE Labs, schwab@suse.de SuSE Linux AG, Deutschherrnstr. 15-19, D-90429 Nürnberg Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different."