Newsgroups: comp.unix.aix
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!batcomputer!theory.tn.cornell.edu!shore
From: shore@theory.tn.cornell.edu (Melinda Shore)
Subject: Re: It works everywhere else, but not on AIX
Message-ID: <1991Apr18.130033.1472@batcomputer.tn.cornell.edu>
Sender: news@batcomputer.tn.cornell.edu
Nntp-Posting-Host: theory.tn.cornell.edu
Organization: Cornell Theory Center
References: <1991Apr15.182214.10391@ux1.cso.uiuc.edu> <313@crcaus.cactus.org>
Date: Thu, 18 Apr 1991 13:00:33 GMT

In article <313@crcaus.cactus.org> john@crcaus.UUCP (John R. Miller) writes:
>Of course, it's simple
>enough to correct: just un-suid df.

The reason that df is setuid is so that it can read device special
files for the filesystems without making them world-readable.  If
you turn off the setuid bit on df it should fail;  if it doesn't
you've got a security problem.  It *should* be setuid root.  There's
no compelling reason for it not to be, and plenty of reasons why it
should.
-- 
                    Software longa, hardware brevis
Melinda Shore - Cornell Information Technologies - shore@theory.tn.cornell.edu