Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!caip!rutgers!seismo!brl-adm!brl-smoke!gwyn
From: gwyn@brl-smoke.ARPA (Doug Gwyn )
Newsgroups: net.unix-wizards
Subject: Re: Which commands (in /bin & /usr/bin) must have set user ID (for root)
Message-ID: <4783@brl-smoke.ARPA>
Date: Tue, 21-Oct-86 12:15:59 EDT
Article-I.D.: brl-smok.4783
Posted: Tue Oct 21 12:15:59 1986
Date-Received: Wed, 22-Oct-86 05:31:27 EDT
References: <115@tijc02.UUCP> <735@hropus.UUCP> <32@popeye.UUCP>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 9

In article <32@popeye.UUCP> sherm@popeye.UUCP (62545456-Paul A. Sherman;LZ 3E-303;6316) writes:
>I think that /etc should remain mode 775, group sys, as distributed.

Please note that, from a security standpoint, this has given
any "sys" group member (or set-gid "sys" process) super-user
access if it chooses to exploit it.

Also note that "ps" need not have write permission on /etc
in order to rewrite /etc/ps_data. (If so desired, the file
could be locked during rewrite so that concurrent "ps"es
wouldn't trip over each other.)
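
The in-place rewrite with locking that the article above describes, as an added example that is not part of the original posting: the helper name rewrite_in_place() is hypothetical, and POSIX fcntl() record locks are assumed as the locking mechanism. It needs write permission on the data file only, so the directory holding it can stay non-writable.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* rewrite_in_place() is a hypothetical helper name, not from the article.
 * It replaces the contents of an existing regular file while holding an
 * exclusive advisory lock. No directory entry is created, removed or
 * renamed, so the parent directory does not have to be writable.
 * Returns 0 on success, -1 on any error. */
int rewrite_in_place(const char *path, const void *buf, size_t len)
{
    struct flock lk = {0};
    struct stat st;
    const char *p = buf;
    int fd, rc = -1;

    /* No O_CREAT: creating the file would need directory write permission.
     * No O_TRUNC: that would empty the file before the lock is held. */
    fd = open(path, O_WRONLY);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode))
        goto out;                     /* only rewrite regular files */

    lk.l_type = F_WRLCK;              /* exclusive lock */
    lk.l_whence = SEEK_SET;           /* starting at offset 0 */
    lk.l_len = 0;                     /* 0 means "through end of file" */
    if (fcntl(fd, F_SETLKW, &lk) < 0) /* wait for any other writer */
        goto out;

    if (ftruncate(fd, 0) < 0)         /* discard old contents under the lock */
        goto out;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0)
            goto out;
        p += n;
        len -= (size_t)n;
    }
    rc = 0;
out:
    close(fd);                        /* closing the descriptor drops the lock */
    return rc;
}
```

The lock is advisory: it only serializes processes that also request it, so a reader of the file should take an F_RDLCK lock before reading.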