[160] in linux-security and linux-alert archive
Re: Closing suid root holes
daemon@ATHENA.MIT.EDU (Joseph S. D. Yao)
Mon Mar 13 22:07:14 1995
Date: Mon, 13 Mar 1995 10:47:05 -0500
From: "Joseph S. D. Yao" <jsdy@cais.cais.com>
To: linux-security@tarsier.cv.nrao.edu
Reply-To: linux-security@tarsier.cv.nrao.edu
> ... Just imagine the passwd file being mode 444. Then a program that had
> a bug that allowed the bad guys to append to any file could not be used.
> Of curse this means modifying the passwd programs and good knows how many
> other things, to do a chmod before and after opening the file.
Which I do routinely on my "work" systems. No big deal.
Joe Yao jsdy@cais.com - Joseph S. D. Yao
