From jcollins@firestorm.servtech.com Mon Sep 2 23:38:18 1996 Received: from firestorm.servtech.com (firestorm.servtech.com [199.1.22.6]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id XAA08274 for ; Mon, 2 Sep 1996 23:37:08 +1000 Received: (from jcollins@localhost) by firestorm.servtech.com (8.7.5/8.7.5) id JAA21006; Mon, 2 Sep 1996 09:36:41 -0400 (EDT) From: jcollins@firestorm.servtech.com (Justin M. Collins) To: "Justin M. Collins" , Martin Ibert , best-of-security@suburbia.net Date: Mon, 2 Sep 1996 09:36:30 -0400 Subject: Re: BoS: More on the UnixWare problem Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit Message-ID: <9609020936.ZM20999@firestorm.servtech.com> In-Reply-To: Martin Ibert "BoS: More on the UnixWare problem" (Sep 2, 8:06am) References: <199609011421.AAA19562@suburbia.net> <9609011222.ZM22492@firestorm.servtech.com> <322A796F.F60@ppe.bb-data.de> X-Mailer: Z-Mail Lite (3.2.0 26may94) On Sep 2, 8:06am, Martin Ibert wrote: > > Maybe it doesn't on your version, but our 2.02 system does exhibit it: > > Script started on Mon Sep 2 08:00:35 1996 > mib@wesley:pts001 ~ % cp /usr/bin/ksh . > mib@wesley:pts001 ~ % ls -l ksh > -r-xr-xr-x 1 mib avs 135632 Sep 2 08:00 ksh > mib@wesley:pts001 ~ % chgrp sys ksh > mib@wesley:pts001 ~ % ls -l ksh > -r-xr-xr-x 1 mib sys 135632 Sep 2 08:00 ksh > mib@wesley:pts001 ~ % chmod 2700 ksh > mib@wesley:pts001 ~ % ls -l ksh > -rwx--l--- 1 mib sys 135632 Sep 2 08:00 ksh > mib@wesley:pts001 ~ % ./ksh > mib-wesley-/home/mib> id > uid=20077(mib) gid=20010(avs) egid=3(sys) > mib-wesley-/home/mib> fuser ./ksh > ./ksh: 4446t > mib-wesley-/home/mib> exit > mib@wesley:pts001 ~ % fuser ./ksh > UX:fuser: ERROR: open of /dev/kmem failed: Permission denied > zsh: 4449 exit 1 fuser ./ksh > mib@wesley:pts001 ~ % exit Following your example it does point out the bug... if you chmod first then chgrp it works okay.. but if you chgrp and then chmod it the bug crops ups. From my perspective it looks like a bug in chmod. Anybody agree/disagree? -justin m. collins ---------------------------------------------------------------------------- Justin M. Collins Senior Systems/Network Administrator ServiceTech, Inc. jcollins@servtech.com v:(716)263-3360 f:(716)423-1596 "Time has little to do with infinity and jelly donuts."