From: Frank T Lofaro (fl0p+@andrew.cmu.edu)
Date: 09/01/92

Next message: Kevin W. Hammond: "Re: Killing background processes on logout"
Previous message: : "Linux-Activists Digest #81"
Maybe in reply to: Joep JJ Vesseur: "clearing SUID bit on writes"
Next in thread: Joep JJ Vesseur: "Re: clearing SUID bit on writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Date: Tue,  1 Sep 1992 15:21:41 -0400 
From: Frank T Lofaro <fl0p+@andrew.cmu.edu>
Subject: Re: clearing SUID bit on writes

Linux should definitely un-setuid and un-setgid files on any
modification (such as an append). Otherwise it could prove to be a very
nasty security hole. (by the way, I just verified the Ultrix does clear
these bits on a decstation here). We should not worry about this
breaking anything, since anything that depends on setuid and setgid
staying set after a file modifcation doesn't belong in a secure (well,
as secure as UN*X can reasonably be) environment.

Next message: Kevin W. Hammond: "Re: Killing background processes on logout"
Previous message: : "Linux-Activists Digest #81"
Maybe in reply to: Joep JJ Vesseur: "clearing SUID bit on writes"
Next in thread: Joep JJ Vesseur: "Re: clearing SUID bit on writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]