Xref: utzoo comp.unix.wizards:7037 comp.bugs.sys5:367
Path: utzoo!mnetor!uunet!husc6!hao!ames!ll-xn!oberon!skat.usc.edu!blarson
From: blarson@skat.usc.edu (Bob Larson)
Newsgroups: comp.unix.wizards,comp.bugs.sys5
Subject: Re: Guide to writing secure setuid programs?
Message-ID: <7616@oberon.USC.EDU>
Date: 13 Mar 88 23:41:53 GMT
References: <181@wsccs.UUCP> <722@rivm05.UUCP> <1037@woton.UUCP> <700@virginia.acc.virginia.edu>
Sender: news@oberon.USC.EDU
Reply-To: blarson@skat.usc.edu (Bob Larson)
Organization: USC AIS, Los Angeles
Lines: 16

In article <700@virginia.acc.virginia.edu> scl@virginia.acc.Virginia.EDU (Steve Losen) writes:
>2)  Avoid setuid if you can.  I once wrote a very simple print spooler
>	that puts files in a directory where they are picked up periodically
>	by a daemon to be printed.  I made the directory 777 instead of using
>	setuid-to-lp fraud.  Sure a malicious user can remove files in the
>	print queue. So what?

So what?  It depends a lot on what you are printing.  When someone
modifies the batch of checks waiting to be printed or gives the
confedintial information you were printing to a compeditor I doubt
your boss wold say "So what?".
-- 
Bob Larson	Arpa: Blarson@Ecla.Usc.Edu	blarson@skat.usc.edu
Uucp: {sdcrdcf,cit-vax}!oberon!skat!blarson
Prime mailing list:	info-prime-request%fns1@ecla.usc.edu
			oberon!fns1!info-prime-request