Aucbvax.3071 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Thu Sep 10 23:23:36 1981 writable setuid files >From CSVAX.dmr@Berkeley Thu Sep 10 23:17:40 1981 Throwing away setuid (or setgid) bits on a written file is indeed a considerable pain. It is also (in UCB vmunix) done strangely, in the iwrite routine. Has it occurred to anyone else that a more natural way to achieve equivalent safety is to prevent write access to a setuid file except to the owner, and likewise for setgid? That is, if the file is setuid, ignore all but the owner permission bits. Dennis Ritchie ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.