should Unix refuse to execute writable binaries?
Sean Eric Fagan
sef at kithrup.COM
Sun Mar 3 11:37:31 AEST 1991
In article <1991Mar2.193639.21105 at tandem.com> ernest at pegasus.dsg.tandem.com (Ernest Hua) writes:
>Should the Unix kernel refuse to execute binaries (or scripts) that are ...
> 1. setuid-ed plus group and/or world writable?
> 2. setgid-ed plus world writable?
>It seems like a simple check that should be help ensure a more secure Unix.
What appears to be done more often is to have writes clear the SUID and/or
SGID bits (unless the writer is root or the owner?). Even that one I have
problems with.
--
Sean Eric Fagan | "I made the universe, but please don't blame me for it;
sef at kithrup.COM | I had a bellyache at the time."
-----------------+ -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
More information about the Comp.unix.wizards
mailing list