double setuid programs
utzoo!decvax!ucbvax!unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Oct 15 23:23:45 AEST 1981
>From cbosgd!mark at Berkeley Thu Oct 15 21:18:25 1981
(This is from cbosg!dale at Berkeley - it got lost and I'm remailing it. - mrh)
To: ucbvax!unix-wizards
Subject: Re: double setuid programs
One of the reasons why setuid(geteuid()) is disallowed is for accounting
purposes: the real id is used by accounting software. Someone once
suggeted that a third uid be maintained solely for accounting. Then either
Mark Horton's suggestion of setuid(geteuid()) or stacking uids would work.
Another possibility which Mark did not mention is to permit mknod to make
directories without requiring super-user permissions (as is the case with
FIFO type files in UNIX 3.0). In this case the mkdir command would not require
setuid root. Does anyone see a holes in this proposal?
More information about the Comp.unix.wizards
mailing list