Path: news.mitre.org!blanket.mitre.org!agate!newsgate.duke.edu!nntprelay.mathworks.com!rill.news.pipex.net!pipex!join.news.pipex.net!pipex!server1.netnews.ja.net!warwick!wapping.ecs.soton.ac.uk!dps96r From: dps96r@ecs.soton.ac.uk (Duncan Simpson) Newsgroups: comp.os.ms-windows.nt.admin.security Subject: Re: Unix sticky bit?? Date: 2 Nov 1997 20:25:35 GMT Organization: Electronics and Computer Science, University of Southampton Lines: 29 Message-ID: <63injv$bde@wapping.ecs.soton.ac.uk> References: <63cpqo$im5@herald.rt.bosch.de> NNTP-Posting-Host: feynman.ecs.soton.ac.uk X-Newsreader: NN version 6.5.0 #2 (NOV) EUCLID Manager writes: >Hello >is there a similar mechnism like the sticky bit under unix? AFAIK no. I did nto figure out how to emualte 1777 on /tmp for a temproary directory on NT. >The sticky bit sets the effective user ID or group ID to that of the owner >or group owner of a file/application whenever the file/application is run. >This allows temporary or restricted access to files not normally accessible >to other users. No, it does not. You are talking about the setuid and setgid bits which are different. The stick bit used to leave the text (CPU text, i.e. bianry) pages in the swap even after the program departed but no longer does because shared read-only text pages happen automatically without the sticky bit's help. NT does not feature them citing buffer overruns but see below... if you emulate them the NT way buffer overruns are still present and a lot *more damaging*. >How can i perform this way of access-control under windows-nt? A service can do this but it is not as good. If someone buffer overruns the service they have even better access that traditional Un*x buffer overruns allow (they trojanize the service automatically, as opposed to mere superuser/Administrator access). Duncan (-: