Path: utzoo!mnetor!uunet!lll-winken!lll-tis!ames!mailrus!tut.cis.ohio-state.edu!osu-cis!att!att-ih!chinet!les
From: les@chinet.UUCP (Leslie Mikesell)
Newsgroups: comp.unix.wizards
Subject: Re: access(2) (was: Writing to A NON-Existing File in "C")
Message-ID: <4896@chinet.UUCP>
Date: 21 Apr 88 03:51:21 GMT
References: <9654@jplgodo.UUCP> <14020030@hpisod2.HP.COM> <887@cresswell.quintus.UUCP> <11144@mimsy.UUCP>
Reply-To: les@chinet.UUCP (Leslie Mikesell)
Organization: Chinet - Public Access Unix
Lines: 11

In article <11144@mimsy.UUCP> chris@mimsy.UUCP (Chris Torek) writes:
>(Of course, each set-ID program can always do
>	setgid(getegid()); setuid(geteuid());
>before attempting to run other programs, but few do.  Then again,
>there are few set-ID programs that run other programs....)

Uuxqt is perhaps a notable execption?  Switching to the real uid
(which is likely to be some random person that sent mail recently)
would probably not be a good idea...


  Les Mikesell