Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!uunet!zephyr.ens.tek.com!tekgen!sail!terryl From: terryl@sail.LABS.TEK.COM Newsgroups: comp.unix.internals Subject: Re: rock-and-roll [Re: Retaining file permissions] [long] Message-ID: <9105@sail.LABS.TEK.COM> Date: 11 Mar 91 09:23:36 GMT References: <1991Mar6.234727.23298@athena.mit.edu> <10710@dog.ee.lbl.gov> <7431@mentor.cc.purdue.edu> Reply-To: terryl@sail.LABS.TEK.COM Organization: Tektronix, Inc., Beaverton, OR. Lines: 50 In article <1991Mar8.004700.27664@panix.uucp> zink@panix.uucp (David Zink) writes: +brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes: +(About not-clearing suid bits upon writes to non-executable files) +> Contentions about theoretical behavior are cute, but this is the real +> world. Machines have real users who make real mistakes. Your proposed +> change that would increase the chance of mistakes and has no obvious +> advantages. It should never be adopted. + +You pedantic twit. Try your example in the real world and see what +happens. + +> Joe compiles a setuid program and sets it up: +> Sally, in the same group and doing work in the same directory, writes +Joe is the J prompt and Sally is the S prompt. + +J> cc -o foo foo.c +J> chmod u+s foo +S> find /etc -print > foo Bad example; how about this one???? S> cp /bin/sh foo;./foo Now Sally has a shell running under Joe's userid, which is probably NOT what he wanted. Depending on how malicious Sally is, she could delete ALL of Joe's files. Sounds like a real BIG security hole to me.... +J># oops, umask is 002, better keep that file safe from carelessness by group +Of course, umask is obviously 013, at least. No it's not, only in your mind. You haven't provided ANY information to lead us to this conclusion. +J> chmod g-w foo +J> # and make it available... +J> chmod g+x foo Lord knows I've dinged Dan in the past, but this time he is 100% correct. If you don't think it's a security hole, can I have an account on your machine where the set-user-id bit is NOT cleared on writes???? It's also interesting to note that you directed followups to alt.flame and some other alt.. You really didn't think we would fall for that old trick now, did you???? __________________________________________________________ Terry Laskodi "There's a permanent crease of in your right and wrong." Tektronix Sly and the Family Stone, "Stand!" __________________________________________________________