SUID directories -- security concern?

Wes Morgan morgan at ms.uky.edu
Fri Feb 16 02:43:30 AEST 1990


While performing a security audit on our AT&T 3B20, I discovered a
user's subdirectory with protection drws--x--x.  Sure enough, chmod
will allow you to do this.  I've never seen any code to make use of
a SUID directory, so my first reaction was that the user merely
mistyped an argument to chmod.  Later, however, it occured to me 
that since this is an undocumented capability, it may have either
properties or side effects detrimental to our security <or the
user's>.

Has anyone ever run into problems or benefits from an SUID directory?
If these are particularly gaping security holes, please email this
information rather than posting to the entire net.  I can always 
summarize any responses and post a neutered version for all those
hacker wanna-bes.... 8)


Wes Morgan
-- 
  The opinions expressed above are not those of UKECC unless so noted.
Wes Morgan                 \       {rutgers,rayssd,uunet}!ukma!ukecc!morgan
University of Kentucky      \   or morgan at engr.uky.edu
Engineering Computing Center \  or morgan%engr.uky.edu at UKMA.BITNET



More information about the Comp.unix.wizards mailing list