COMMAND

    HTFS

SYSTEMS AFFECTED

    SCO OpenServer 5

PROBLEM

    Tim  Kutergin  found  following.   It  seems  to  be  bug  in HTFS
    filesystem on SCO Openserver 5.  The problem is that You  could do
    unlink("..") and this  operation will be  successful (if You  have
    permissions)  corrupting  filesystem.   He  have  discovered  this
    anomaly when investigating constant system crashes when users were
    deleting  mailboxes  in  Cyrus  imap  server  1.5.2  There was bad
    code in imapd that was trying to delete ".." when removing mailbox
    (newer versions of imapd are  fixed).  So usual user  may severely
    damage filesystem by  doing unlink("..") in  subdirectories, where
    he has permissions to do this.

    Bug is clearly repeteable and very dangerous (do not try to  check
    it on production  machine!).  After  trying to cause  it with perl
    script in eg.  /tmp you may  get fatal filesystem  corruption that
    fsck -ofull  could not  repair.   System will  refuse to boot with
    message about inability to start  /etc/init. In test,  after  that
    it was booted with Emergency disks and ran fsck many times.   Then
    mounted /dev/hd0root.  Result - permission denied error on /etc in
    root filesystem.  So, you're forced to remake root filesystem  and
    restore it  from backup.   This was  tested under  SCO 5.0.0  with
    Release Supplement 5.0.d, Network Supplement 1.0, oss434a.

SOLUTION

    This was reported to SCO, but they replied this is due to problems
    with hardware.