Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!newstop!texsun!vector!egsner!mic!convex!convex.COM
From: tchrist@convex.COM (Tom Christiansen)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Keywords: chown, mail
Message-ID: <110276@convex.convex.com>
Date: 11 Dec 90 03:26:59 GMT
References: <18792@rpp386.cactus.org> <2800:Dec1001:29:4890@kramden.acf.nyu.edu> <1990Dec11.005644.20688@cbnewsk.att.com>
Sender: news@convex.com
Reply-To: tchrist@convex.COM (Tom Christiansen)
Organization: CONVEX Software Development, Richardson, TX
Lines: 13

In article <1990Dec11.005644.20688@cbnewsk.att.com> hansen@pegasus.att.com (Tony L. Hansen) writes:
>The mail(1) command uses chown(2) and set-gid to give a secure mail system. I
>feel that other methods are fraught with potential security holes.

It doesn't on a BSD system, and you're right, this has been the source
of many security holes.  Whether we've finally solved them all or not 
is unknown.  

--tom
--
Tom Christiansen		tchrist@convex.com	convex!tchrist
"With a kernel dive, all things are possible, but it sure makes it hard
 to look at yourself in the mirror the next morning."  -me