From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 4f97bf59 for ; Wed, 31 Jul 2019 20:16:55 +0000 (UTC) Received: by minnie.tuhs.org (Postfix, from userid 112) id 4F8129BA17; Thu, 1 Aug 2019 06:16:54 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id 8331F949CB; Thu, 1 Aug 2019 06:16:35 +1000 (AEST) Authentication-Results: minnie.tuhs.org; dkim=pass (1024-bit key; unprotected) header.d=kilonet.net header.i=@kilonet.net header.b="d7bIl67x"; dkim-atps=neutral Received: by minnie.tuhs.org (Postfix, from userid 112) id 296AF949CB; Thu, 1 Aug 2019 06:16:34 +1000 (AEST) Received: from p3plsmtpa06-10.prod.phx3.secureserver.net (p3plsmtpa06-10.prod.phx3.secureserver.net [173.201.192.111]) by minnie.tuhs.org (Postfix) with ESMTPS id 9C5D3948EB for ; Thu, 1 Aug 2019 06:16:33 +1000 (AEST) Received: from medusa.kilonet.net ([72.69.11.12]) by :SMTPAUTH: with ESMTPA id sv1ThWUo7KFk2sv1UhnCog; Wed, 31 Jul 2019 13:16:33 -0700 Received: from [199.89.231.101] (ender.kilonet.net [199.89.231.101]) by medusa.kilonet.net (8.14.8/8.15.1) with ESMTP id x6VKGVsB001270 for ; Wed, 31 Jul 2019 16:16:31 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kilonet.net; s=default; t=1564604191; bh=72UviVKXdW5e8bVuf+EoYpidmZphNnhmcCDQUNrAS+Q=; h=Subject:To:References:From:Date:In-Reply-To; b=d7bIl67xdGFCRBL6x73jJ8ji4lvPPYkF1TO8e8hrt1uyt+pDqMSFjpo970UoywS16 P8kZ0oggqFACWJw2s3MjPJvRz5F5z6h2Z+kGpjDkpV9eeM5LCJHFIAORIKhdI/WwZO jVXb3pN+43AsZRnQ/EymVcq4rywDoM375sxqpYHs= To: tuhs@minnie.tuhs.org References: From: Arthur Krewat Message-ID: <6d2955e3-c77b-fbd0-6e9e-bcdf3a58d45e@kilonet.net> Date: Wed, 31 Jul 2019 16:16:25 -0400 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-CMAE-Envelope: MS4wfIyFKbxVW76Aosj9TDFfFsiQWm1IGq4g1ePeGkkt6t6YePWZR4UkJCiMEeTQCgFAI8jt30k0674BzFidNR2+YBuA0h4eMC2r641NR4UHJ9gCIxLMqcj8 nlsZ0UV/EaqqK5qi31TMPj4zlrezIna78LLCfgr1MAzcyhpY8e/8EFcH Subject: Re: [TUHS] Who's behind the UNIX filesystem permission implementation X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" Sorry to reply to myself, but I wanted to add one note to this, and didn't, which pertains to the "rename" versus "update" part of file protections in TOPS-10, and perhaps was a bug that was never fixed, or it was, and I didn't know it. In TOPS-10, you use the monitor call ENTER to update (write to) an existing file. It uses a common argument list with LOOKUP and I think a few other calls, that include the file name and extension. If a file had a 4 protection code for you, you could LOOKUP the file, then ENTER it with a different filename, and the filename would change, effectively renaming the file which you would think required a 1 protection code. You could also, if I recall correctly, specify a different protection. The significance of this? Many installations put files in SYS: ([1,4]) that had a 4 protection code so they could be written to by various applications users ran, or it was an oversight by a system administrator. Using DDT, one could easily whip up a short piece of code to rename any file in SYS: that had a 4 protection code, rename it to a .SAV or .SHR (if it needed a highseg) and basically "hide" behind another program, such as LOGIN.EXE (When EXE was introduced, I think in version 6, TOPS-10 still supported .SAV, .SHR, and .HGH but would attempt to run the .EXE first if you didn't specify an extension). Certain programs in SYS: like LOGIN had JACCT privileges - full rights to everything, including device I/O. So, find a writable file in SYS:, rename it to LOGIN.SAV, copy PIP over it, or something you cobbled up yourself, and take over the system without causing any other issues except that missing writable file. JACCT priv was much like "setuid" in UNIX - except it was a hardcoded list of filenames in the monitor (I think mostly or exclusively in SYS:) that would get carte blanche access to everything. I believe by version 7, some programs had been deprecated out of SYS, but they still existed in the JACCT list in the monitor. And boy, there were a lot of systems out there on Telenet or the ARPANET that had files in SYS: protected with a 4. Side note: Telenet was BBN's attempt to create a private sector ARPANET. https://en.wikipedia.org/wiki/Telenet - A late night dumpster dive at Radio Shack in the very early 80's got me a local dialin number. Sorry for the lengthy dissertation :) On 7/31/2019 1:29 PM, Arthur Krewat wrote: > TOPS-10 had a 3 octal digit file protection code: > > - - Logins are PPNs - [Project, > Programmer] - So if I was [76,5], another user with [76,10] was in the > same project. Much like UNIX groups. > > Owner Protection Codes > 7*, 6* - You can execute, read, or change the protection code of the > file. > 5* - You have unlimited access to the file, except for renaming it. > 4* - You have unlimited access to the file. > 3 - You can execute, read, or change the protection code of the file. > 2 - You have unlimited access to the file, except for renaming it. > 1, 0 - You have unlimited access. > * The File Daemon is called on a protection failure on this file (my > memory is a little fuzzy on this, but I believe it allowed finer > grained protections). > > Protection Codes for Fields 2 and 3 > 7 - The user cannot access the file. > 6 - The user can only execute the file. > 5 - The user can execute or read the file. > 4 - The user can execute, read, or append to the file. > 3 - The user can execute, read, append to, or update the file. > 2 - The user can execute, read, append to, update, and write to the file. > 1 - The user can execute, read, append to, update, write to, and > rename the file. > 0 - Unlimited access, including changing the protection code of the file. > > The name TOPS-10 was first used in 1970, but the monitor itself dates > back to 1964. I'm not sure when these protection codes came into > being, though. >