Path: utzoo!mnetor!tmsoft!torsqnt!hybrid!scifi!bywater!uunet!world!bzs
From: bzs@world.std.com (Barry Shein)
Newsgroups: comp.unix.wizards
Subject: Re: should Unix refuse to execute writable binaries?
Message-ID: <BZS.91Mar4003105@world.std.com>
Date: 4 Mar 91 05:31:05 GMT
References: <1991Mar2.193639.21105@tandem.com>
Sender: bzs@world.std.com (Barry Shein)
Organization: The World
Lines: 17
In-Reply-To: ernest@pegasus.dsg.tandem.com's message of 2 Mar 91 19:36:39 GMT


Any writeable, public executable is a hazard, most users consider
their own files valuable and such executables are a hazard to them as
they run with their own privs. It's somewhat admin-o-centric to think
there's something special about setuid/setgid, just a different form
of damage possible (and system disruption is fairly possible from even
non-priv'd accounts, for example a hacked program which fills /tmp.)

The only idea that comes to mind would be something analogous to the
umask() indicating which bits can and cannot be set on an executable,
tho I suspect some thought will reveal that the problem is more subtle
than that, but something like xmask(022) might help.
-- 
        -Barry Shein

Software Tool & Die    | bzs@world.std.com          | uunet!world!bzs
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD