Aucbvax.3034
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Wed Sep  9 22:21:20 1981

>From mhtsa!chico!esquire!nrh@Berkeley Wed Sep  9 22:15:40 1981
A recent netnews item mentioned that Berkeley's vmunix turned off the
setuid bit on a file when that file was modified.
The item suggested that this solved a security problem with v7 mail.

I sent a reply to this item, but it seems to have gotten lost.  Try
again.....

One thing I learned from v6 unix:  An OS that does:

       1. What you tell it to do
       2. \ONLY/ what you tell it to do

is orders of magnitude more usable than one which tries to protect you
from yourself.  In my (limited) experience, the ones that try to
protect you mostly manage to protect you from doing any useful work.
Turning off setuid when the ownership is changed by a non-su is
necessarily in the kernel.

Turning off setuid when the file is modified is "protecting the
programmer from his own foolishness", and could be done in a
library routine, rather than in the kernel.

One last bit of sour grapes:  the message about Berkeley's mod
said that the kernel change is "simple".  Pfui. It doesn't matter
how simple the mod is if it doesn't belong in the kernel.

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <[email protected]>
of http://communication.ucsd.edu/A-News/


This Usenet Oldnews Archive
article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.

2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.