[ILUG] Caching programs

kevin lyda kevin at suberic.net
Thu Sep 6 03:21:12 IST 2001 

On Thu, Sep 06, 2001 at 02:37:17AM +0100, Ronan Cunniffe wrote:
> On Thu, 6 Sep 2001, Paul Jakma wrote:
> > On Thu, 6 Sep 2001, kevin lyda wrote:
> > > uh, no.  it's the sticky bit.  to really be pedantic (and
> > > correct) see the following list.  if you consider that 01000
> > > makes code segments sticky in binaries and files sticky in
> > > directories, the name makes more sense.
> > uhmmm.. no. amazingly enough, i actually looked it up before posting,
> > for once - unusual for me. It is "saved-text" (APUE, p.86). The flag
> > for it is S_ISVTX ie SaVed-TeXt, even though the linux man page gives
> > "sticky bit" as the description.

hm.  maybe.  but version 6 refers to it as the sticky bit.  my v5 image
lacks man pages.

> Now hold on just one cotton-pickin' minute here.  If sticky bits actually
> *worked*... do tripwire et al check for changes in permission bits?  If
> not, this would rank as one of the subtlest and most deadly ways of
> killing a box in existence.... set the bit on everything in
> usr/local/bin and let the users roll!  How would you even find out what
> the problem was?

older unix systems needed hints to manage their "cache" systems (as close
to that as they came) and swap (if they even had swap).  the sticky
bit was one of those hints.  just because the bit is set, it didn't
mean it was forced to stay in ram.  perhaps if you go back far enough,
you'll find that it did force the text into ram and it stayed there.
but security was a very distant afterthought in unix...

> This begs the question, how are sticky text pages dumped?  Suppose there's
> more text in the binaries being run than silicon in the machine?  Anybody
> know this one.  I can see why Linux has ditched this use of them...

well, the binary would fail to run to begin with - with or without the
sticky bit.

kevin

-- 
kevin at suberic.net          simple four line sigs -
fork()'ed on 37058400      bandwidth friendly; nice to do.
meatspace place: home      some admins clueless.
http://suberic.net/~kevin          --netiquette haiku 2001

More information about the ILUG mailing list