Retaining file permissions
The Grand Master
asg at sage.cc.purdue.edu
Sun Mar 3 07:01:47 AEST 1991
In article <6227:Mar201:22:4391 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
}Rather than thinking about security holes, think about user mistakes. If
}the kernel turns off the setuid bit upon write, it is much less likely
}for a setuid program to be accidentally corrupted than it would be
}otherwise. End of discussion.
That was not my point. I never disagreed with resetting the suid bit
upon a write - just the his expaination of the reason was not
well-thought-out. In fact, I believe that the suid bit should be unsettable
if the file is writable by anyone.
}
}---Dan
Bruce
More information about the Comp.unix.shell
mailing list