Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!yetti!geac!daveb
From: daveb@geac.UUCP (Brown)
Newsgroups: comp.sources.d
Subject: Re: kermit lock files - setuid/setgid security holes
Message-ID: <1193@geac.UUCP>
Date: Thu, 20-Aug-87 15:42:37 EDT
Article-I.D.: geac.1193
Posted: Thu Aug 20 15:42:37 1987
Date-Received: Sat, 22-Aug-87 08:53:57 EDT
References: <605@quacky.UUCP>
Reply-To: daveb@geac.UUCP (Dave Collier-Brown)
Distribution: world
Organization: The little blue rock next to that twinkly star.
Lines: 19

In article <605@quacky.UUCP> dce@mips.UUCP (David Elliott) writes:
>The main theme seems to be "make kermit setuid uucp or setgid
>daemon", which is not a good idea, folks. 

  Oops, I wasn't thinking when I sugested that!
  I meant to say make a program executable by the Kermit _group_
but owned by root create/delete the lock files.  Then you make it 
clean up any existing locks set by the same user (on the same port?),
so if you crash out of Kermy your next try cleans up the dangling
lock.

 --dave (put brain in gear befor engaging mouth) colier-brown


-- 
 David Collier-Brown.                 {mnetor|yetti|utgpu}!geac!daveb
 Geac Computers International Inc.,   |  Computer Science loses its
 350 Steelcase Road,Markham, Ontario, |  memory (if not its mind)
 CANADA, L3R 1B3 (416) 475-0525 x3279 |  every 6 months.