Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!columbia!rutgers!ll-xn!mit-eddie!genrad!decvax!decwrl!sun!guy
From: guy@sun.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Which commands (in /bin & /usr/bin) must have set user ID (for root)
Message-ID: <8616@sun.uucp>
Date: Tue, 28-Oct-86 13:50:20 EST
Article-I.D.: sun.8616
Posted: Tue Oct 28 13:50:20 1986
Date-Received: Tue, 28-Oct-86 23:31:13 EST
References: <115@tijc02.UUCP> <735@hropus.UUCP> <1040@ho95e.UUCP> <743@hropus.UUCP> <1565@k.cc.purdue.edu>
Organization: Sun Microsystems, Inc.
Lines: 12

>     Anyway, if a setuid program overwrites itself, it is no longer setuid!
> It says in the manual page for write (2):

It says this *in the 4BSD manual page for write(2)*; this is a Berkeleyism.
I consider it to be an airbag; I'm not sure it's worth putting in a hack
like this to protect people who don't remember to make set-UID programs
writable only by the owner.  (Also note that it doesn't apply if the process
doing the write has a *real* UID of "root".)
-- 
	Guy Harris
	{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
	guy@sun.com (or guy@sun.arpa)