writable setuid files

utzoo!decvax!ucbvax!unix-wizards utzoo!decvax!ucbvax!unix-wizards
Thu Sep 10 23:23:36 AEST 1981


>From CSVAX.dmr at Berkeley Thu Sep 10 23:17:40 1981
Throwing away setuid (or setgid) bits on a written file is indeed
a considerable pain.  It is also (in UCB vmunix) done strangely,
in the iwrite routine.  Has it occurred to anyone else that 
a more natural way to achieve equivalent safety is to prevent
write access to a setuid file except to the owner, and likewise
for setgid?  That is, if the file is setuid, ignore all but
the owner permission bits.
	Dennis Ritchie



More information about the Comp.unix.wizards mailing list