Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utcs!mnetor!seismo!ut-sally!pyramid!decwrl!sun!guy
From: guy@sun.UUCP
Newsgroups: net.unix-wizards
Subject: Re: so who has mkdir and rmdir for non-4.2 systems
Message-ID: <5072@sun.uucp>
Date: Mon, 14-Jul-86 02:25:54 EDT
Article-I.D.: sun.5072
Posted: Mon Jul 14 02:25:54 1986
Date-Received: Mon, 14-Jul-86 19:29:53 EDT
References: <1885@brl-smoke.ARPA> <6179@elsie.UUCP> <5060@sun.uucp> <1183@munnari.OZ>
Organization: Sun Microsystems, Inc.
Lines: 22

> To emulate 4.[23]'s mkdir()/rmdir() correctly, you have to
> be able to do the right thing when the invoking program is
> setuid to someone.
...
> I can't locate the right Sys V manual to be able to determine
> if it can be done sensibly with fork()/exec*() and a setuid()
> of some variety in between.

S5 doesn't make it any easier.  You need to be able to set the real UID of
the child process to match the effective UID, and it won't let you do that.

This causes worse problems than just making it impossible for set-UID
programs to run "mkdir" or "rmdir" with the proper permissions.  It means a
set-UID program - like, say, "uucico" - *can't* prevent itself from getting
zapped by a signal sent from a process running with the UID of the person
who started it; this means that in S5, if you do a "uucp", or "uux", or
anything that runs one of those commands, and it starts up a "uucico", you
can zap that "uucico" at any time!
-- 
	Guy Harris
	{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
	guy@sun.com (or guy@sun.arpa)