setuid (euid) after setuid (uid) on System 5
Steve Nuchia
steve at nuchat.UUCP
Tue May 16 04:23:53 AEST 1989
In article <19534 at adm.BRL.MIL> rbj at dsys.icst.nbs.gov (Root Boy Jim) writes:
>? In article <1196 at auspex.UUCP> guy at auspex.UUCP (Guy Harris) writes:
>? >Both BSD and S5 flavors of "setuid" can be implemented atop "setreuid".
>Actually, none of this really matters. Saved set-UID's are merely
>convenient. If root wants to do something as l'user, he can just
>fork and give away his privilege. The parent is still privileged.
Not all setuid programs want to be setuid root. The principle
of least priveledge argues for most of them not being owned by root.
Being able to keep both userids (invoker and owner) around is
enormously convenient and leads to better (more secure) utility
programs.
--
Steve Nuchia South Coast Computing Services
uunet!nuchat!steve POB 890952 Houston, Texas 77289
(713) 964 2462 Consultation & Systems, Support for PD Software.
More information about the Comp.unix.wizards
mailing list