rock-and-roll [Re: Retaining file permissions] [long]

Dan Bernstein brnstnd at kramden.acf.nyu.edu
Thu Mar 7 17:44:27 AEST 1991


In article <7431 at mentor.cc.purdue.edu> asg at sage.cc.purdue.edu (Bruce Varney) writes:
> My contention is that it is no longer necessary to clear the suid
> bit on NON-EXECUTABLE FILES!

Joe compiles a setuid program and sets it up:

  cc -o foo foo.c
  chmod u+s foo
  # oops, umask is 002, better keep that file safe from carelessness by group
  chmod g-w foo
  # and make it available...
  chmod g+x foo

Sally, in the same group and doing work in the same directory, writes
something to foo after the setuid bit has been turned on. Guess what? In
your world, foo is still setuid.

Contentions about theoretical behavior are cute, but this is the real
world. Machines have real users who make real mistakes. Your proposed
change that would increase the chance of mistakes and has no obvious
advantages. It should never be adopted.

Please stop blabbering about security holes now.

---Dan



More information about the Comp.unix.internals mailing list