Aucbvax.2979
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Tue Sep 8 02:30:15 1981
>From ihnss!mhtsa!harpo!chico!esquire!nrh@Berkeley Tue Sep 8 00:57:27 1981
Subject: Unix security and mail directory
Newsgroups: fa.unix-wizards
>From Lepreau@UTAH-20 Sat Sep 5 06:28:45 1981
Berkeley vmunix has solved some of the security problems inherent in the
setuid mechanism by one simple kernel mod: whenever a file is modified
or chown'ed, the setuid/gid bits go away. This takes care of the
problem James mentioned, for example.
Jay
-------
And here I thought that there were HACKS coming out of Berkely!!!
The more side effects people build in to UNIX, the less clear the
wonderful system interface will become.
Turning off setuid bits on a file when chown() is called on it makes sense,
because no amount of care on the part of one user could prevent his files
from being compromised without this feature.
Turning off setuid bits when a file is modified is an attempt to protect
the programmer from a mistake in his programs. While it may be convenient,
(is it really?) it seems a little misplaced. Why not a library routine
to do this?
One final bit of sour grapes: if something doesn't BELONG in the kernal,
it doesn't matter HOW simple it is to put that thing in the kernal.
-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <
[email protected]>
of
http://communication.ucsd.edu/A-News/
This Usenet Oldnews Archive
article may be copied and distributed freely, provided:
1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:
The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.
