so who has mkdir and rmdir for non-4.2 systems
guy at sun.UUCP
guy at sun.UUCP
Mon Jul 14 16:25:54 AEST 1986
> To emulate 4.[23]'s mkdir()/rmdir() correctly, you have to
> be able to do the right thing when the invoking program is
> setuid to someone.
...
> I can't locate the right Sys V manual to be able to determine
> if it can be done sensibly with fork()/exec*() and a setuid()
> of some variety in between.
S5 doesn't make it any easier. You need to be able to set the real UID of
the child process to match the effective UID, and it won't let you do that.
This causes worse problems than just making it impossible for set-UID
programs to run "mkdir" or "rmdir" with the proper permissions. It means a
set-UID program - like, say, "uucico" - *can't* prevent itself from getting
zapped by a signal sent from a process running with the UID of the person
who started it; this means that in S5, if you do a "uucp", or "uux", or
anything that runs one of those commands, and it starts up a "uucico", you
can zap that "uucico" at any time!
--
Guy Harris
{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
guy at sun.com (or guy at sun.arpa)
More information about the Comp.unix.wizards
mailing list