Aucbvax.3071
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Sep 10 23:23:36 1981
writable setuid files
>From CSVAX.dmr@Berkeley Thu Sep 10 23:17:40 1981
Throwing away setuid (or setgid) bits on a written file is indeed
a considerable pain.  It is also (in UCB vmunix) done strangely,
in the iwrite routine.  Has it occurred to anyone else that 
a more natural way to achieve equivalent safety is to prevent
write access to a setuid file except to the owner, and likewise
for setgid?  That is, if the file is setuid, ignore all but
the owner permission bits.
	Dennis Ritchie