Path: utzoo!attcan!uunet!wyse!vsi1!ames!pacbell!att!ihnp4!oddjob!matt
From: matt@oddjob.UChicago.EDU (Ka Kahula)
Newsgroups: comp.unix.wizards
Subject: Re: Who dat?
Message-ID: <14931@oddjob.UChicago.EDU>
Date: 21 Jul 88 18:31:57 GMT
References: <199@stca77.stc.oz> <2310@rtech.rtech.com> <3789@rpp386.UUCP> <51@minya.UUCP>
Organization: Koyaanisqatsi
Lines: 21

) In article <3789@rpp386.UUCP>, jfh@rpp386.UUCP (John F. Haugh II) writes:
) > have the client create a file with the suid and sgid bits set. ...

In article <51@minya.UUCP> jc@minya.UUCP (John Chambers) writes:
) Let's see, what I do when you ask my process A to create this file is
) to have a program B sitting around that is setuid/setgid to whomever
) I want you to think A is; ...

If you have this program B, you can impersonate your victim completely.
Why not just assume that you have your victim's password?  It comes
to the same thing.

 A would start up B as a subprocess, with the

) > this should be fully fool proof.
) 
) Careful who you call a fool, boy!

No error in this case.
________________________________________________________
Matt Crawford	     		matt@oddjob.uchicago.edu