Aucbvax.2828 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Wed Aug 26 21:14:19 1981 Re: On the Correctness of Set-User-ID programs >From MathStat.jmrubin@Berkeley Wed Aug 26 21:09:58 1981 One trouble with JNC@MIT-XX's suggestion on setgid programs is that the group security has not been as well thought out on Unix as the individual security. Many programs, which are made setgid, provide ways to fork shells, without resetting the gid. Moreover, if you can get ahold of a file which belongs to you but is in a given group (say a core dump) you can, on many Unix systems, put a setgid program to fork a shell in that file. One more advantage of being setuid to root is that root can chown and chgrp files-so a program can create a file which will belong to a user. It occurs to me that if mkdir were setgid, then all subdirectories which one created would be owned by the group of mkdir. Thus, no one would be able to limit access to a subdirectory to members of their own group without going to a super-user and asking to give that group the directory. ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.