Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!menudo.uh.edu!sugar!ficc!peter
From: peter@ficc.ferranti.com (Peter da Silva)
Newsgroups: comp.unix.amiga
Subject: Re: Floppy filesystem security (was Re: interesting feature on AMIX..)
Keywords: unix security, amix security, setuid
Message-ID: <HI8CU42@xds13.ferranti.com>
Date: 28 Jun 91 22:28:06 GMT
References: <1991Jun24.173951.17552@convex.com> <436@hfsi.UUCP> <1991Jun25.143038.22816@convex.com> <1991Jun27.150353.21674@convex.com>
Reply-To: peter@ficc.ferranti.com (Peter da Silva)
Organization: Xenix Support, FICC
Lines: 17

In article <1991Jun27.150353.21674@convex.com> swarren@convex.com (Steve Warren) writes:
> So it seems to me that in a university environment where you are using the
> floppy filesystem as the working directory for your students, you don't really
> want to disable setuid completely, because they will need to use this feature
> occassionally while learning how Unix works.

I hope to hell you don't plan on executing stuff off the mounted floppy: just
copy it to the hard disk and then run it! When you do that, you can just chmod
the critical programs setuid after copying them.

That is, have an "install" script:

	cpio -pv /mnt /var/tmp
	chmod 4711 /var/tmp/driver /var/tmp/daemon /var/tmp/server
-- 
Peter da Silva; Ferranti International Controls Corporation; +1 713 274 5180;
Sugar Land, TX  77487-5012;         `-_-' "Have you hugged your wolf, today?"