Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!mcgill-vision!mouse
From: mouse@mcgill-vision.UUCP (der Mouse)
Newsgroups: comp.emacs
Subject: Re: Is GNU Cause of Security Problems???
Message-ID: <1099@mcgill-vision.UUCP>
Date: 16 May 88 05:11:03 GMT
References: <5290@aw.sei.cmu.edu> <4983@bloom-beacon.MIT.EDU> <193@ists> <227@corona.pb>
Organization: McGill University, Montreal
Lines: 23
Posted: Mon May 16 01:11:03 1988

In article <227@corona.pb>, michael@pbinfo.UUCP (Michael Schmidt) writes:
> #ifdef HIGHPRI
>   setpriority (PRIO_PROCESS, getpid (), HIGHPRI);
>   setuid (getuid ());
> #endif HIGHPRI

> Then, if you forget, that you decided NOT to define HIGHPRI and
> install it with suid root, you will have trouble.

This is silly, particularly when interchanging the last two lines of
code in the quoted section (the setuid() and the #endif) totally cures
the problem.  Why wasn't it written that way to begin with?  The cost
of two more (trivial) syscalls per run is low enough to be ignorable,
especially when it insulates against this sort of hazard.

Note, though, that if you don't define HIGHPRI and then install it
setuid root, all files it creates will be root-owned, which will make
the problem immediately visible.

					der Mouse

			uucp: mouse@mcgill-vision.uucp
			arpa: mouse@larry.mcrcim.mcgill.edu