setuid bits not honored by root
MP%mit-xx at sri-unix.UUCP
MP%mit-xx at sri-unix.UUCP
Fri Jul 15 16:41:00 AEST 1983
From: Mark Plotnick <MP at mit-xx>
I don't wish to prolong discussion about the joys of setuid,
but I have a simple question: is there any reason why setuid
bits should be ignored if one is already running as root?
I seem to recall some discussion many moons ago (about V7) that lead
to the conclusion that setuid bits SHOULD be honored for everybody.
Yet the 4.1bsd systems here (pretty vanilla ones, at that) are
configured so that root stays root. I got bitten by this yesterday
when the netnews expire program, which is setuid to uucp, was invoked
by cron and recreated its data file with owner "root" (the file was
thus unwritable to the other setuid-to-uucp program that wants to
write in it).
Note that I'm not taking a poll. The question is not "should setuid
bits be honored if you're root" - I know all the religious arguments
for and against this - what I want to know is "will anything break if
setuid bits are honored by root".
Mark Plotnick
MP at XX
eagle!mit-vax!mp
-------
More information about the Comp.unix.wizards
mailing list