Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.unix.wizards
Subject: Re: SUID directories -- security concern?
Message-ID: <2960@auspex.auspex.com>
Date: 22 Feb 90 23:37:24 GMT
References: <13946@phoenix.Princeton.EDU> <1401@mitisft.Convergent.COM>
Organization: Auspex Systems, Santa Clara
Lines: 12

>>> >>I've never seen any code to make use of a SUID directory, ...
>
>I would suspect that code was written on a SysV 3.x system, that uses
>chmod to set the directory permissions to the new protections, and the 
>code, now being run pre-3.x, produces bits that aren't understood, although
>they can still be set.

I repeat: I've never seen any code to make use of an SUID directory. 
System V Release 3 uses the setGid bit on files for mandatory locking,
and V.3.2 uses the sticky bit for "sticky directories".  V.4 uses the
setGid bit on directories to get BSD-style file creation semantics for
files in that directory (SunOS 4.x-style).