Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!ames!hc!beta!unm-la!unmvax!turing.UNM.EDU!mike
From: mike@turing.UNM.EDU (Michael I. Bushnell)
Newsgroups: comp.unix.wizards
Subject: Re: access(2) (was: Writing to A NON-Existing File in "C")
Message-ID: <975@unmvax.unm.edu>
Date: 20 Apr 88 23:12:56 GMT
References: <9654@jplgodo.UUCP> <14020030@hpisod2.HP.COM> <887@cresswell.quintus.UUCP>
Sender: news@unmvax.unm.edu
Reply-To: mike@turing.UNM.EDU.UUCP (Michael I. Bushnell)
Organization: University of New Mexico, Albuquerque
Lines: 41

In article <887@cresswell.quintus.UUCP> ok@quintus.UUCP (Richard A. O'Keefe) writes:
>In article <14020030@hpisod2.HP.COM>, decot@hpisod2.HP.COM (Dave Decot) writes:
>> access(2) should not be used to determine the other access permissions
>> except in setuid programs, and even then, not for testing execute
>> access by setuid-root programs.
>
>If a program which is never intended to run setuid ensures that it is
>not being run setuid or setgid by doing

[Code fragment to test for suid conditions]

>where is the harm in subsequently using access(2) to test for permission to
>read or write a file?
>
>Is there any legitimate reason why someone might take a program which was
>not originally designed to run setuid or setguid and do chmod u+s
>or chmod g+s to it?


Not really.  But there is another way it can run under suid
conditions:

% whoami
foo
% su
Password:
# nifty_program


Note that nifty program will now have REAL uid foo and EFFECTIVE uid
root.


                N u m q u a m   G l o r i a   D e o 

			Michael I. Bushnell
			HASA - "A" division
14308 Skyline Rd NE				Computer Science Dept.
Albuquerque, NM  87123		OR		Farris Engineering Ctr.
	OR					University of New Mexico
mike@turing.unm.edu				Albuquerque, NM  87131
{ucbvax,gatech}!unmvax!turing.unm.edu!mike