From: system@kryton.UUCP (Scott Beckstead) Subject: Re: clearing SUID bit on writes Date: 3 Sep 1992 04:23:06 GMT
vesseur@fwi.uva.nl (Joep JJ Vesseur) writes:
> Frank T Lofaro <fl0p+@andrew.cmu.edu> writes:
>
> > Linux should definitely un-setuid and un-setgid files on any
> >modification (such as an append). Otherwise it could prove to be a very
> >nasty security hole.
> >[...] doesn't belong in a secure (well,
> >as secure as UN*X can reasonably be) environment.
>
> well, i don't know to what extend linux _is_ secure (anyone out there
> cares to make any correctness proofs?) and whether anyone uses it
> as a real multiple user (read: different users) system at the moment,
> but no doubt this will happen in the future.
> i only don't think it should clean the bit on all modifications, only
> those initiated by users with a different real-uid than the owner of
> the file, in contrast to sysV.
>
> joep.
>
> ---
> joep vesseur --- email: vesseur@fwi.uva.nl
Well if some one who knows how to set up a secure system will do so and give me
access to it, I'll put together a tiger team and try to break it. I have a
knack for finding silly bugs that way too. Couldn't get near my friends
OS9 box with out causing it to take a dump or just plain lock up.
Oh yeah it would be nice if you were local to me too.
System Administrator Paradox Alley F&SF BBS and Usenet News/Mail
805-492-8789 Thousand Oaks, Ca. The Place For Science Fiction and Fantasy
"Spin My Nipple Nuts and Send Me to Alaska!" Kryten, Red Dwarf