Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!nuchat!kevin
From: kevin@nuchat.sccsi.com (Kevin Brown)
Newsgroups: comp.os.minix
Subject: Re: gak! yet another idiot beginner asking stupid stuff!
Message-ID: <1991May16.234441.6022@nuchat.sccsi.com>
Date: 16 May 91 23:44:41 GMT
References: <1991May13.124327.21919@nmrdc1.nmrdc.nnmc.navy.mil> <1991May14.202411.3372@nuchat.sccsi.com> <1991May16.093136.11171@daimi.aau.dk>
Organization: Teenage Mutant Ninja NiceGuys(tm)
Lines: 27

In article <1991May16.093136.11171@daimi.aau.dk> protonen@daimi.aau.dk (Lars J|dal) writes:
>kevin@nuchat.sccsi.com (Kevin Brown) writes:
>[...]
>>The reason for all that is that the chown() system call requires root privs
>>under Minix.  Under System V, it doesn't, but instead checks to see whether
>>or not the owner of the file (or root) is trying to change the file's
>>ownership.  On systems without disk quota, the approach taken by System V
>>is the Right Answer (IMHO). But the System V approach leads to problems on 
>>systems that implement disk quota (you want more space?  chown your files to 
>>root! :-)...
>[...]
>
>Doesn't this approach give a security problem (whether or not you have
>quotas)? As I see it, you could just make your brilliant hackerprogram
>suid and then change the owner to root!

The System V approach removes any suid bits when it does its thing (I just
tested this).

>|      Lars J|dal       |       (put your favourite quotation here)        |


--
Kevin Brown						    Disclaimer: huh?
kevin@nuchat.sccsi.com				kevin@taronga.hackercorp.com

Minix -- the Unix[tm] of the 90's.  System V -- the Multics of the 90's.  :-)