Path: utzoo!attcan!uunet!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!pacbell.com!tandem!pegasus.dsg.tandem.com!ernest
From: ernest@pegasus.dsg.tandem.com (Ernest Hua)
Newsgroups: comp.unix.wizards
Subject: should Unix refuse to execute writable binaries?
Message-ID: <1991Mar2.193639.21105@tandem.com>
Date: 2 Mar 91 19:36:39 GMT
Sender: news@tandem.com
Reply-To: ernest@pegasus.dsg.tandem.com (Ernest Hua)
Organization: Tandem Computers, Inc.
Lines: 16
Nntp-Posting-Host: pegasus.dsg.tandem.com

-------------------------------------------------------------------------------
Actually the real question is:

Should the Unix kernel refuse to execute binaries (or scripts) that are ...

    1.  setuid-ed plus group and/or world writable?
    2.  setgid-ed plus world writable?

It seems like a simple check that should be help ensure a more secure Unix.

Please E-mail replies and I will post a summary.
-------------------------------------------------------------------------------
Ernest Hua
Tandem Computers
ernest@tandem.com
408-285-5580