Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!sri-spam!ames!oliveb!sun!gorodish!guy
From: guy@gorodish.UUCP
Newsgroups: comp.unix.wizards,comp.unix.questions
Subject: Re: UNIX file setuid sucurity hole?
Message-ID: <15036@sun.uucp>
Date: Fri, 13-Mar-87 19:41:44 EST
Article-I.D.: sun.15036
Posted: Fri Mar 13 19:41:44 1987
Date-Received: Sat, 14-Mar-87 15:08:30 EST
References: <2168@ncoast.UUCP>
Sender: news@sun.uucp
Reply-To: guy@sun.UUCP (Guy Harris)
Distribution: world
Organization: Sun Microsystems, Mountain View
Lines: 12
Xref: utgpu comp.unix.wizards:1379 comp.unix.questions:1365

>	It just accured to me that, 
>thanks to the chown command and "setuid
>to owner when executing this C program"
>that no ones file is realy safe.

Well, you're wrong.  The "chown" command uses the "chown" system call.  The
"chown" system call either requires you to be the super-user, or turns of
the set-UID and set-GID bits if executed by somebody other than the
super-user, so you can't create a program that's set-UID to somebody other
than yourself unless you're the super-user.  This is all documented in the
manual page for the "chown" system call, and would also be obvious if you
actually tried "chown" on a set-UID program.