UNIX file setuid sucurity hole?
Dan Levin
djl at mips.UUCP
Sat Mar 14 05:16:01 AEST 1987
On systems decended from USG, ie. SYSTEM III -> SYSTEM V.x.x, a user
may use chown to "give away" a file. However, the setuid/setgid bits are
cleared when you do so.
On systems decended from BSD, ie. 4.0 BSD -> 4.3 BSD, a user may
not use chown to give away a file, and so the problem is totally
avoided.
V6 was like BSD, I don't know about V7 (I assume since III is more related
to V6 that V7 is like BSD too) nor about the research editions of more
recent arrival (V8-V9).
--
***dan
decwrl!mips!djl mips!djl at decwrl.dec.com
More information about the Comp.unix.questions
mailing list