access(2) (was: Writing to A NON-Existing File in "C")
Richard A. O'Keefe
ok at quintus.UUCP
Thu Apr 21 16:29:56 AEST 1988
In article <50280 at sun.uucp>, limes at sun.uucp (Greg Limes) writes:
> So, it is not necessary to actually set the
> setuid and setgid bits on a program for the real and effective uids to
> be different.
This is the key point I had forgotten.
> I would like to pose a modified version of your question back at you:
> Is there any legitimate reason why someone might need to disable
> switchuser-ed access to a program?
Yes, there is. Someone providing a programming system such as a Lisp or
SmallTalk interpreter might want to do this to reduce the chance of their
being held liable for loss or damage due to a security bug. (Ok, this is
a wee bit paranoid, but I am a devout comp.risks reader.)
More information about the Comp.unix.wizards
mailing list