should Unix refuse to execute writable binaries?
uunet!bria!mike
uunet!bria!mike
Sun Mar 3 13:08:47 AEST 1991
In an article, ico.isc.com!rcd (Dick Dunn) writes:
|ernest at pegasus.dsg.tandem.com (Ernest Hua) writes:
|| Should the Unix kernel refuse to execute binaries (or scripts) that are ...
|| 1. setuid-ed plus group and/or world writable?
|| 2. setgid-ed plus world writable?
|
|I see two levels at which the answer ought to be "no".
|1. The pedantic rote answer is "no, because the kernel isn't supposed to
| be in the business of making [that sort of] policy decision."
|2. A practical answer is "no, because the situation is more complicated
| than that." The restrictions required to keep the least experienced
| users from hurting themselves may be more than the most experienced
| users want to put up with.
Good points. Another reason that I would avoid this restriction is because
some developers (keeping myself in mind, primarily :-) like to modify the
executable itself for various and sundry purposes.
--
Michael Stefanik, MGI Inc., Los Angeles| Opinions stated are not even my own.
Title of the week: Systems Engineer | UUCP: ...!uunet!bria!mike
-------------------------------------------------------------------------------
Remember folks: If you can't flame MS-DOS, then what _can_ you flame?
More information about the Comp.unix.wizards
mailing list