Re: /etc/utmp

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: ches@research.att.com: "Re: /etc/utmp"
• Previous message: Peter Wemm: "Re: sendmail exploit script"
• In reply to: Marc W. Mengel: "Re: /etc/utmp"
• Next in thread: Marc W. Mengel: "Re: /etc/utmp"

>Making things setuid root is almost always wrong.   Make a new
>group, say group "utmp", and make anything that needs to deal with
>utmp setgid utmp; similarly for mail, etc.  That way if you have
>something that needs to do mail and utmp, you can just put it in
>multiple groups.

Nice idea. The problem is that in the inode on a standard Unix
implementation there is only room for 1 repeat 1 group. Also in the
'u' area, there is only room for 1 primary group, 1 effective group
etc. This means that something like your program which needs to do
something with utmp and mail will not be able to do so, unless the
group for altering mail is the same as the group for altering utmp.

Pretty soon you will find that everything which wants to do anything
will be SGID to this group. Any poorly written program which is SGID
to this supergroup will be as weak as a poorly written SUID root
program.

• Next message: ches@research.att.com: "Re: /etc/utmp"
• Previous message: Peter Wemm: "Re: sendmail exploit script"
• In reply to: Marc W. Mengel: "Re: /etc/utmp"
• Next in thread: Marc W. Mengel: "Re: /etc/utmp"