SunOS and shared libraries, security aspects

Dan Bernstein brnstnd at kramden.acf.nyu.edu
Mon Sep 3 16:02:30 AEST 1990


In article <13283 at hydra.gatech.EDU> gt0178a at prism.gatech.EDU (BURNS,JIM) writes:
> in article <4006 at auspex.auspex.com>, guy at auspex.auspex.com (Guy Harris) says:
> >>Rather, it's to make login non-setuid in the first place. The only time
> >>login should run as root is from a controlled daemon, such as telnetd or
> >>getty.
> > I've no problem with that
> Excuse me, but I don't understand how login (su, rsh, rlogin) would be
> able to change your uid without using setuid(3) which is documented as
> needing superuser status:

It can't. All it can do without privileges is log you in as yourself
again, and not even that on some systems. As I said in the triple-quoted
comments, login should only run as root if it's run from a controlled
(root) daemon: this is necessary for security.

---Dan



More information about the Comp.unix.internals mailing list