netbsd-bugs: kern/31850: directory stickyness is not obeyed with tmpfs

Subject: kern/31850: directory stickyness is not obeyed with tmpfs
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <gcw@primenet.com.au>
List: netbsd-bugs
Date: 10/18/2005 01:10:00

>Number:         31850
>Category:       kern
>Synopsis:       tmpfs isn't honouring stickyness
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Oct 18 01:10:00 +0000 2005
>Originator:     Geoff C. Wing
>Release:        NetBSD 3.99.10 (2005-10-17)
>Organization:
>Environment:
System: NetBSD g.primenet.com.au 3.99.10 NetBSD 3.99.10 (G) #0: Sun Oct 16 18:24:28 EST 2005 gcw@g.primenet.com.au:/usr/netbsd/src/sys/arch/i386/compile/G i386
Architecture: i386
Machine: i386
>Description:
	Stickyness is not honoured on tmpfs mounts.  Anyone can delete
	anything on basic common /tmp if mounted as tmpfs.

	% ls -ld /tmp /mnt
	drwxrwxrwt  3 root  wheel  512 Oct 18 11:05 /mnt
	drwxrwxrwt  7 root  wheel  280 Oct 18 11:01 /tmp
	% mount | egrep "(mnt|tmp)"
	tmpfs on /tmp type tmpfs (nosuid, nocoredump, local)
	mfs:15031 on /mnt type mfs (synchronous, nosuid, nocoredump, local)
	% su
	# touch /tmp/foo /mnt/bar
	# ^D
	% rm -f /tmp/foo /mnt/bar
	rm: /mnt/bar: Operation not permitted
	% ls -l /tmp/foo /mnt/bar
	ls: /tmp/foo: No such file or directory
	-rw-r--r--  1 root  wheel  0 Oct 18 11:07 /mnt/bar
	%

>How-To-Repeat:
	See up
>Fix:
	?