access(2) (was: Writing to A NON-Existing File in "C")
Richard A. O'Keefe
ok at quintus.UUCP
Wed Apr 20 12:34:20 AEST 1988
In article <14020030 at hpisod2.HP.COM>, decot at hpisod2.HP.COM (Dave Decot) writes:
> access(2) should not be used to determine the other access permissions
> except in setuid programs, and even then, not for testing execute
> access by setuid-root programs.
If a program which is never intended to run setuid ensures that it is
not being run setuid or setgid by doing
my_uid = getuid();
my_gid = getgid();
if (geteuid() != my_uid || getegid() != my_gid) {
fprintf(stderr, "%s: must not run setuid or setgid", programname);
exit(1);
}
where is the harm in subsequently using access(2) to test for permission to
read or write a file?
Is there any legitimate reason why someone might take a program which was
not originally designed to run setuid or setguid and do chmod u+s
or chmod g+s to it?
More information about the Comp.unix.wizards
mailing list