Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!henry
From: henry@utzoo.UUCP (Henry Spencer)
Newsgroups: comp.unix.wizards
Subject: Re: System V job control idea
Message-ID: <7987@utzoo.UUCP>
Date: Fri, 1-May-87 17:10:33 EDT
Article-I.D.: utzoo.7987
Posted: Fri May  1 17:10:33 1987
Date-Received: Fri, 1-May-87 17:10:33 EDT
References: <337@tdi2.UUCP>
Organization: U of Toronto Zoology
Lines: 12

> Aside from the inhibition of setuid (which should be reconsidered for this
> application, maybe; what kind of ``fraud'' is it designed to prevent?)...

The obvious kind:  modifying the code of a setuid program.

Note that being able to suspend a setuid program is in itself a security
defect (the program may be in the middle of updating a database, may have
things locked, etc.), so being unable to run setuid programs in such a
setup isn't necessarily a flaw.
-- 
"If you want PL/I, you know       Henry Spencer @ U of Toronto Zoology
where to find it." -- DMR         {allegra,ihnp4,decvax,pyramid}!utzoo!henry