-x implementations
Maarten Litmaath
maart at cs.vu.nl
Sat Feb 2 21:13:27 AEST 1991
In article <6124 at segue.segue.com>,
jim at segue.segue.com (Jim Balter) writes:
)In article <19017 at rpp386.cactus.org>
) jfh at rpp386.cactus.org (John F Haugh II) writes:
)>test(1) is the sick on. Any version of test(1) which relies on
)>access(2) is broken.
)
)1) The fact that access does not provide an option to test the effective uid
) is brain damage.
And the following piece of kernel code:
/*
* If you're the super-user,
* you always get access.
*/
if (u.u_uid == 0)
return (0);
)2) It only matters if the program calling access has S_ISUID or S_ISGID set.
Not true.
) Why would test be installed with set-uid privileges?
What if the program (e.g. the shell) that _calls_ `test', is setuid?
(I.e. its effective uid differs from its real uid.)
--
"Salman Rushdie received a copy just as his latest novel was being published.
He ignored it and received myriads of death threats. He quickly decided to
send out twenty copies (some to the Ayatollah) and is still alive."
(John Banagan <jvbanagan at ucdavis.edu> in sci.skeptic)
More information about the Comp.unix.programmer
mailing list