non-superuser chown(2)s considered harmful

Leslie Mikesell les at chinet.chi.il.us
Mon Dec 17 09:10:25 AEST 1990


In article <1990Dec14.171022.4992 at eci386.uucp> woods at eci386.UUCP (Greg A. Woods) writes:
>$ ls -l /usr/mail/root
>-rw-rw----   1 root     mail       27820 Dec 12 05:18 /usr/mail/root
>$ MAIL=/usr/mail/root LOGNAME=root /bin/binmail -F woods
>binmail: Invalid permissions
>binmail: Cannot install/remove forwarding without empty mailfile

>Hmm... Yup, it seems secure to me!  Doesn't mean non-superuser chown
>is OK, but IMHO it *is* not only OK, but useful!

Oops, when I said empty file I meant no file (my mail reader always deletes
the file when it is empty).

Does your mail reader always leave a 0 length file in /usr/mail when you
delete all the messages?  Does everyone on the system use the same reader
(or do they all do this)?  Is there ever a time when a user does not
have a file in /usr/mail (say before they have ever received any mail)?
IMHO it would be just as useful if it didn't chown the forwarding file
but left it owned by the uid that actually gave the command.

Les Mikesell
  les at chinet.chi.il.us


