Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uwmcsd1!marque!uunet!munnari!basser!boyd
From: boyd@basser.oz (Boyd Roberts)
Newsgroups: comp.unix.wizards
Subject: Re: System V.2.2 setuid() broken
Summary: FLAME-------------->*ON*
Message-ID: <1319@basser.oz>
Date: 18 Jul 88 01:47:40 GMT
References: <5968@umn-cs.cs.umn.edu> <2820@ttidca.TTI.COM> <58603@sun.uucp> <3942@rpp386.UUCP> <5292@june.cs.washington.edu>
Reply-To: boyd@basser.oz (Boyd Roberts)
Organization: Dept of Comp Sci, Uni of Sydney, Australia
Lines: 40

In article <5292@june.cs.washington.edu> ka@june.cs.washington.edu (Kenneth Almquist) writes:
>
>I hope you don't really think that UNIX will protect you if you run
>a Trojan horse program, setuid bugs or not.  The only way to protect
>yourself from Trojan horse programs is not to run them, especially if
>you are superuser.
>				Kenneth Almquist

Correct, this _is_ the bottom line.

With the protect-against-total-disaster attitude prevailing, in the
face of common sense, the logical extension is to:

    1. put on your nuke/chemical warfare suit (with gas-mask)
    2. enter your underground nuke-proof shelter
    3. encase your UNIX box in a serious ``over-pressure'' resistant room
    4. get yourself an ASR-33 (resists EMP) tty
    5. cable up your tty using serious MIL spec EMP-proof shielded cables.
    6. rip setuid out of the kernel
    7. turn ``-i'' on in ``rm'' permanently

    and

    8. use ``ed'' to write your programs


Now, is that safe enough, or am I being silly?

Also, I have _actually_ RTFM-ed and still couldn't believe that
such stupidity could actually be implemented, so I read the code.

It had.

By the way, read kill(2).  It's a scream.


Boyd Roberts			boyd@basser.cs.su.oz
				boyd@necisa.necisa.oz

``When the going gets wierd, the weird turn pro...''