home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.os.linux
- Path: sparky!uunet!wupost!sdd.hp.com!ux1.cso.uiuc.edu!randall
- From: Upholder@uiuc.edu (THE Upholder of Truth)
- Subject: Re: clearing SUID bit on writes
- Message-ID: <BtxquI.My6@ux1.cso.uiuc.edu>
- Sender: randall@ux1.cso.uiuc.edu (THE Upholder of Truth)
- Reply-To: Upholder@uiuc.edu (THE Upholder of Truth)
- Organization: The University of Illinois at Urbana-Champaign (UIUC)
- References: <1992Sep1.170221.17317@athena.mit.edu> <kecw=5m00VogI1C1Jm@andrew.cmu.edu> <1992Sep1.235018.14835@fwi.uva.nl>
- Date: Wed, 2 Sep 1992 05:20:28 GMT
- Lines: 29
-
- vesseur@fwi.uva.nl (Joep JJ Vesseur) writes:
-
- > well, i don't know to what extend linux _is_ secure (anyone out there
- >cares to make any correctness proofs?) and whether anyone uses it
- >as a real multiple user (read: different users) system at the moment,
- >but no doubt this will happen in the future.
-
- Well, as soon as the SLIP and TCP/IP code is all in the kernel, I'm planning
- on allowing incoming telnets from the internet at large.
-
-
- As it is, I compiled ka9q with the incoming telnet patches (posted here
- some time ago) and have been using it to attempt to allow incoming telnet
- sessions. NO dice so far.... it connects fine, but not getty or login
- is spawned to the connection... (anyone got it working? if you do, please
- drop me a line).
-
-
- > i only don't think it should clean the bit on all modifications, only
- >those initiated by users with a different real-uid than the owner of
- >the file, in contrast to sysV.
-
- That sounds reasonable... but the original proposal (clear on write)
- is probably more secure. (root might accidentally write to passwd, etc)
- --
- The Upholder of Truth I am not only ready to
- Upholder@uiuc.edu (BSD/ASCII mail) retract this, but also
- jar42733@sumter.cso.uiuc.edu (NeXT mail) deny I said anything. =)
- wi.4173@wizvax.methuen.ma.us (anon. mail) This is *NOT* CCSO's opinion.
-
