rock-and-roll [Re: Retaining file permissions] [long]
Chris Torek
torek at elf.ee.lbl.gov
Thu Mar 7 12:26:36 AEST 1991
>In article <7391 at mentor.cc.purdue.edu> asg at sage.cc.purdue.edu
>(The Grand Master) writes:
>> The following is a letter I mailed that our friend at MIT would not
>> post for me (Our news poster was screwed up). ...
In article <1991Mar6.234727.23298 at athena.mit.edu> jik at athena.mit.edu
(Jonathan I. Kamens) defends himself a bit. I would like to add that I
probably would not have posted that particular article for Mr. Master
either (and how did you get a first name like `The' anyway? :-) ).
As it happens, this particular barn door was closed after a horse had
escaped. There is no sense in arguing that `write not clearing set-id
could not possibly be a security problem', because it was. One could
perhaps argue that `it is not now a security problem', but I would not
want to bet my systems on it.
--
In-Real-Life: Chris Torek, Lawrence Berkeley Lab EE div (+1 415 486 5427)
Berkeley, CA Domain: torek at ee.lbl.gov
More information about the Comp.unix.internals
mailing list