Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!uwvax!uwmacc!hobbes!root
From: root@hobbes.UUCP (John Plocher)
Newsgroups: comp.unix.wizards,comp.unix.questions
Subject: Re: UNIX file setuid sucurity hole?
Message-ID: <128@hobbes.UUCP>
Date: Fri, 13-Mar-87 14:30:43 EST
Article-I.D.: hobbes.128
Posted: Fri Mar 13 14:30:43 1987
Date-Received: Fri, 20-Mar-87 05:26:56 EST
References: <2168@ncoast.UUCP>
Reply-To: root@hobbes.UUCP (John Plocher)
Distribution: world
Organization: U of Wisconsin - Madison  Spanish Department
Lines: 20
Xref: mnetor comp.unix.wizards:1520 comp.unix.questions:1506

In article <2168@ncoast.UUCP> robertd@ncoast.UUCP (Robert DeMarco) writes:
+----
|         It just accured to me that, thanks to the chown command and
| "setuid to owner when executing this C program" that no ones file
| is realy safe.
| 	[...] 
| ...set to owner(Peter).  Now Peter then can "chown" the command to
| John.  The file now belongs to John.  Then Peter executes the file.
| Since the file permisions says to change id to owner, Peters Id
| will be changed to John's id for the duration of the program.  Now
| Peter will BE ALLOWED to read Johns file.
| 
|     How can you protect against this?
+----

Quoting from the SVR2 manual page for CHOWN(1):

"If either command [chown,chgrp] is invoked by other than the super user, the 
set-user-ID and set-group-ID bits of the file mode, 04000 and 02000
respectively, will be cleared."