Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!mcnc!gatech!lll-lcc!pyramid!prls!mips!djl
From: djl@mips.UUCP (Dan Levin)
Newsgroups: comp.unix.wizards,comp.unix.questions
Subject: Re: UNIX file setuid sucurity hole?
Message-ID: <20@winchester.mips.UUCP>
Date: Fri, 13-Mar-87 14:16:01 EST
Article-I.D.: winchest.20
Posted: Fri Mar 13 14:16:01 1987
Date-Received: Sun, 15-Mar-87 00:44:39 EST
References: <2168@ncoast.UUCP> <17822@ucbvax.BERKELEY.EDU>
Lines: 17
Summary: No, This is Not a Security Problem
Xref: mnetor comp.unix.wizards:1410 comp.unix.questions:1422

On systems descended from USG, i.e. SYSTEM III -> SYSTEM V.x.x, a user
may use chown to "give away" a file. However, the setuid/setgid bits
are cleared when you do so.

On systems descended from BSD, i.e. 4.0 BSD -> 4.3 BSD, a user may not
use chown to give away a file, and so the problem is totally avoided.

V6 was like BSD. I don't know about V7 (I assume, since III is more
related to V6, that V7 is like BSD too) nor about the research editions
of more recent arrival (V8-V9).

--
***dan

decwrl!mips!djl mips!djl@decwrl.dec.com
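
A way to check on a given system whether chown clears the setuid/setgid bits, as an added example that is not part of the original post. The function name and the scratch path under /tmp are assumptions; the file is chowned to the caller's own uid and gid, which is permitted whether or not give-away is allowed, so only the bit-clearing rule is exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Create a scratch file, mark it setuid+setgid+executable, chown it,
 * and report which set-id bits are still present afterwards.
 *
 * Returns a mask made of S_ISUID and/or S_ISGID (0 means both were
 * cleared), or -1 if the check could not be carried out.
 */
int setid_bits_after_chown(uid_t new_uid, gid_t new_gid)
{
    char path[] = "/tmp/chown_setid_XXXXXX";   /* assumed scratch location */
    const mode_t setid = S_ISUID | S_ISGID;
    struct stat before, after;
    int result = -1;

    int fd = mkstemp(path);
    if (fd < 0)
        return -1;

    if (fchmod(fd, setid | 0755) == 0 &&
        fstat(fd, &before) == 0 &&
        (before.st_mode & setid) == setid &&   /* bits really got set */
        fchown(fd, new_uid, new_gid) == 0 &&
        fstat(fd, &after) == 0)
        result = (int)(after.st_mode & setid);

    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    int r = setid_bits_after_chown(geteuid(), getegid());

    if (r < 0) {
        fprintf(stderr, "check could not be run\n");
        return EXIT_FAILURE;
    }
    printf("setuid %s, setgid %s after chown\n",
           (r & S_ISUID) ? "kept" : "cleared",
           (r & S_ISGID) ? "kept" : "cleared");
    return EXIT_SUCCESS;
}
```

On Linux both bits are reported as cleared, for root as well as for ordinary users; other kernels may keep them when the caller is privileged.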