Path: utzoo!news-server.csri.toronto.edu!rutgers!usc!samsung!noose.ecn.purdue.edu!mentor.cc.purdue.edu!sage.cc.purdue.edu!asg From: asg@sage.cc.purdue.edu (Bruce Varney) Newsgroups: comp.unix.internals Subject: Re: rock-and-roll [Re: Retaining file permissions] [long] Keywords: chmod, sed, awk... and good old *cat*! Message-ID: <7431@mentor.cc.purdue.edu> Date: 7 Mar 91 05:11:41 GMT References: <7391@mentor.cc.purdue.edu> <1991Mar6.234727.23298@athena.mit.edu> <10710@dog.ee.lbl.gov> Sender: news@mentor.cc.purdue.edu Reply-To: asg@sage.cc.purdue.edu (Bruce Varney) Distribution: usa Organization: Purdue University Lines: 49 In article <10710@dog.ee.lbl.gov> torek@elf.ee.lbl.gov (Chris Torek) writes: >>In article <7391@mentor.cc.purdue.edu> asg@sage.cc.purdue.edu >>(The Grand Master) writes: >>> The following is a letter I mailed that our friend at MIT would not >>> post for me (Our news poster was screwed up). ... > >In article <1991Mar6.234727.23298@athena.mit.edu> jik@athena.mit.edu >(Jonathan I. Kamens) defends himself a bit. I would like to add that I >probably would not have posted that particular article for Mr. Master >either (and how did you get a first name like `The' anyway? :-) ). Read on and you would have found my real name. Our system has a specification for a Real name, and a Nickname. Unfortunatly, Pnews uses my Nickname instead of my Real name (My Nickname obviously being "The Grand Master"). Since several people such as yourself have found that too hard to comprehend, I have changed my "Nickname" to my real name. Happy? :-) > >As it happens, this particular barn door was closed after a horse had >escaped. There is no sense in arguing that `write not clearing set-id >could not possibly be a security problem', because it was. One could >perhaps argue that `it is not now a security problem', but I would not >want to bet my systems on it. My contention is that it is no longer necessary to clear the suid bit on NON-EXECUTABLE FILES! Jon put forth that non-executables had had the suid bit clear to prevent security violations. I merely suggest that this is not the case, but that the reason this behavior still exists is because it would be a time and resource consuming to modify the kernal to check if the file had an execute bit set before deciding to clear the suid. >-- >In-Real-Life: Chris Torek, Lawrence Berkeley Lab EE div (+1 415 486 5427) >Berkeley, CA Domain: torek@ee.lbl.gov --------- sar.casm \'sa:r-.kaz-*m\ \sa:r-'kas-tik\ \-ti-k(*-)le-\ n [F sarcasme, fr. LL sarcasmos, fr. Gk sarkasmos, fr. sarkazein to tear flesh, bite the lips in rage, sneer, fr. sark-, sarx flesh; akin to Av thwar*s to cut] 1: a cutting, hostile, or contemptuous remark : GIBE 2: the use of caustic or ironic language - sar.cas.tic aj ### ## Courtesy of Bruce Varney ### # aka -> The Grand Master # asg@sage.cc.purdue.edu ### ##### # PUCC ### # ;-) # # ;'> # ##