Aucbvax.4474 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Thu Oct 15 23:23:45 1981 Re: double setuid programs >From cbosgd!mark@Berkeley Thu Oct 15 21:18:25 1981 (This is from cbosg!dale@Berkeley - it got lost and I'm remailing it. - mrh) To: ucbvax!unix-wizards Subject: Re: double setuid programs One of the reasons why setuid(geteuid()) is disallowed is for accounting purposes: the real id is used by accounting software. Someone once suggeted that a third uid be maintained solely for accounting. Then either Mark Horton's suggestion of setuid(geteuid()) or stacking uids would work. Another possibility which Mark did not mention is to permit mknod to make directories without requiring super-user permissions (as is the case with FIFO type files in UNIX 3.0). In this case the mkdir command would not require setuid root. Does anyone see a holes in this proposal? ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.