lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV fotemods.zip update

From: John E. Davis
Subject: Re: LYNX-DEV fotemods.zip update
Date: Wed, 21 May 1997 18:23:32 -0400 
On Wed, 21 May 1997 16:45:38 -0400, Greg Marr <address@hidden> said:
>At 11:09 AM 5/21/97 -0500, Foteos Macrides wrote:
>>      As far as "privacy" issues associated with the Unix /tmp
>>design are concerned, even systems which now have the "sticky bit"
>>feature typically don't use it.  I've yet to get on a Unix system
>>in which I couldn't read any file in the /tmp tree, and there was
>>no need for spoofing via links to do it. :) :)
>
>As I understand the "Unix /tmp design", the sticky bit has nothing to do
>with whether or not you could read the files, but whether or not you could
>delete them.  /tmp usually has drwxrwxrwt permissions, which means that
>anybody can write to the directory, anybody can read it, but people can
>only delete files they own.  The privacy aspect is enforced by the files
>and subdirectories not having world-read access.  Is there some other
>aspect of the sticky bit that I am unaware of?

I did not understand the comment about being able to read in file in
/tmp either.  Your understanding of the sticky bit is consistent with
mine.  Regardless of whether or not tmp is world readable, I do not
see how anyone other than root or the owner can read a file with
permissions `-rwx------'.

--John
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]