From: Upholder@uiuc.edu (THE Upholder of Truth) Subject: Re: clearing SUID bit on writes Date: 2 Sep 1992 05:20:28 GMT
vesseur@fwi.uva.nl (Joep JJ Vesseur) writes:
> well, i don't know to what extend linux _is_ secure (anyone out there
>cares to make any correctness proofs?) and whether anyone uses it
>as a real multiple user (read: different users) system at the moment,
>but no doubt this will happen in the future.
Well, as soon as the SLIP and TCP/IP code is all in the kernel, I'm planning
on allowing incoming telnets from the internet at large.
As it is, I compiled ka9q with the incoming telnet patches (posted here
some time ago) and have been using it to attempt to allow incoming telnet
sessions. NO dice so far.... it connects fine, but not getty or login
is spawned to the connection... (anyone got it working? if you do, please
drop me a line).
> i only don't think it should clean the bit on all modifications, only
>those initiated by users with a different real-uid than the owner of
>the file, in contrast to sysV.
That sounds reasonable... but the original proposal (clear on write)
is probably more secure. (root might accidentally write to passwd, etc)
-- The Upholder of Truth I am not only ready to Upholder@uiuc.edu (BSD/ASCII mail) retract this, but also jar42733@sumter.cso.uiuc.edu (NeXT mail) deny I said anything. =) wi.4173@wizvax.methuen.ma.us (anon. mail) This is *NOT* CCSO's opinion.