From: Ronan Cunniffe (rcunniff at domain wilde.cs.tcd.ie)
Date: Thu 06 Sep 2001 - 02:37:36 IST
On Thu, 6 Sep 2001, Paul Jakma wrote:
> On Thu, 6 Sep 2001, kevin lyda wrote:
>
> > uh, no. it's the sticky bit. to really be pedantic (and
> > correct) see the following list. if you consider that 01000
> > makes code segments sticky in binaries and files sticky in
> > directories, the name makes more sense.
>
> uhmmm.. no. amazingly enough, i actually looked it up before posting,
> for once - unusual for me. It is "saved-text" (APUE, p.86). The flag
> for it is S_ISVTX ie SaVed-TeXt, even though the linux man page gives
> "sticky bit" as the description.
>
> > btw, endeavoring to make this useful, www.freebsd.org has a link to man
> > pages for pretty much any unix system in common use or of historical
> > importance.
>
Now hold on just one cotton-pickin' minute here. If sticky bits actually
*worked*... do tripwire et al check for changes in permission bits? If
not, this would rank as one of the subtlest and most deadly ways of
killing a box in existence.... set the bit on everything in
usr/local/bin and let the users roll! How would you even find out what
the problem was?

This begs the question, how are sticky text pages dumped? Suppose there's
more text in the binaries being run than silicon in the machine? Anybody
know this one? I can see why Linux has ditched this use of them...
Ronan
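
Added example, not part of the original thread: a small Python sketch of the check the message above asks about, recording permission bits for a tree and reporting any later change, including the S_ISVTX (01000) bit discussed in the quoted replies. The function names and the sample paths and modes are constructed for illustration; this is not how any particular integrity checker is implemented.

```python
import os
import stat

# Special mode bits reported by name; S_ISVTX is the 01000 sticky/saved-text bit.
SPECIAL_BITS = (
    (stat.S_ISUID, "S_ISUID"),
    (stat.S_ISGID, "S_ISGID"),
    (stat.S_ISVTX, "S_ISVTX"),
)


def snapshot(root):
    """Map every file and directory under root to its permission bits."""
    modes = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            # lstat: record the entry itself, do not follow symlinks.
            modes[path] = stat.S_IMODE(os.lstat(path).st_mode)
    return modes


def diff_modes(baseline, current):
    """Return (path, old, new, note) for each path whose mode bits changed."""
    findings = []
    for path in sorted(baseline.keys() & current.keys()):
        old, new = baseline[path], current[path]
        if old == new:
            continue
        flipped = old ^ new
        notes = []
        for bit, name in SPECIAL_BITS:
            if flipped & bit:
                notes.append(name + (" set" if new & bit else " cleared"))
        if flipped & 0o777:
            notes.append("rwx changed")
        findings.append((path, oct(old), oct(new), ", ".join(notes)))
    return findings


if __name__ == "__main__":
    # Constructed sample modes, not taken from a real host.
    before = {"/usr/local/bin/tool": 0o755, "/usr/local/bin/other": 0o755}
    after = {"/usr/local/bin/tool": 0o1755, "/usr/local/bin/other": 0o755}
    for finding in diff_modes(before, after):
        print(*finding)
```

In practice the baseline from `snapshot()` would be stored somewhere the monitored host cannot rewrite and compared against a fresh snapshot on a schedule.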
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:12:00 GMT