setuid ignored for root
utzoo!decvax!ucbvax!unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Tue Sep 8 06:29:23 AEST 1981
>From decvax!duke!unc!smb at Berkeley Tue Sep 8 06:24:47 1981
In-real-life: Steven M. Bellovin
Location: University of North Carolina at Chapel Hill
I think that the Interactive Systems scheme won't work particularly
well. If, say, root -- the real root -- invokes a spooling daemon, the
"standard" lock-file mechanism (creating the sucker mode 444) won't work,
as root has the permission to overwrite it, regardless of what it's setuid
to. Nor does it really solve the problem of creating files on behalf
of the real user -- who should own them? I suspect that the "schizo" call,
which flips the real and effective uids, is a better hack than granting
the union of all permissions.
More information about the Comp.unix.wizards
mailing list