Which commands (in /bin & /usr/bin) must have set user ID (for root)
guy at sun.UUCP
guy at sun.UUCP
Wed Oct 29 04:50:20 AEST 1986
> Anyway, if a setuid program overwrites itself, it is no longer setuid!
> It says in the manual page for write (2):
It says this *in the 4BSD manual page for write(2)*; this is a Berkeleyism.
I consider it to be an airbag; I'm not sure it's worth putting in a hack
like this to protect people who don't remember to make set-UID programs
writable only by the owner. (Also note that it doesn't apply if the process
doing the write has a *real* UID of "root".)
--
Guy Harris
{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
guy at sun.com (or guy at sun.arpa)
More information about the Comp.unix.wizards
mailing list