It works everywhere else, but not on AIX
John F Haugh II
jfh at greenber.austin.ibm.com
Fri Apr 19 06:13:19 AEST 1991
In article <1991Apr18.130033.1472 at batcomputer.tn.cornell.edu> shore at theory.tn.cornell.edu (Melinda Shore) writes:
|In article <313 at crcaus.cactus.org> john at crcaus.UUCP (John R. Miller) writes:
|>Of course, it's simple
|>enough to correct: just un-suid df.
|
|The reason that df is setuid is so that it can read device special
|files for the filesystems without making them world-readable. If
|you turn off the setuid bit on df it should fail; if it doesn't
|you've got a security problem. It *should* be setuid root. There's
|no compelling reason for it not to be, and plenty of reasons why it
|should.
No - "df" does not need to read the device file. There is a system
call, statfs(), which will return the correct information regarding
the file system, and it does not require any kernel privileges. That
is what AIX uses to determine the free space, so John is correct in
saying it doesn't need to be setuid "bin".
This isn't the case for all of the various flavours of AIX, but it
is true for v3. v1 and v2 (I think) do not include statfs(). They
would have to have setuid bits turned on for df (and my PS/2 is setuid
"root", as is expected.)
--
John F. Haugh II | I've Been Moved | MaBellNet: (512) 838-4340
SneakerNet: 809/1D064 | AGAIN ! | VNET: LCCB386 at AUSVMQ
BangNet: ..!cs.utexas.edu!ibmchs!auschs!snowball.austin.ibm.com!jfh (e-i-e-i-o)
More information about the Comp.unix.aix
mailing list