[891] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] joy

daemon@ATHENA.MIT.EDU (Matt)
Wed Jul 10 18:34:58 1996

To: linux-security@tarsier.cv.nrao.edu
From: panzer@dhp.com (Matt)
Date: 10 Jul 1996 17:38:00 -0400

Jordy (jordy@thirdwave.net) wrote:
: actually, dip does need to be setuid because it modifies the routing tables.

SETUID programs are setuid because users are calling them.  Why is dip 
being called by a user?  If programs are unsuited for being called by 
users, then perhaps a wrapper that doesn't except user input is more 
called for?

My point is that there are very few programs that need to be SUID.  SU is 
one that needs to be off hand, /bin/login does not need to be, because it 
is called by telnetd which is running as root, because it is spawned from 
inetd.  etc...

-- 
 -Matt     (panzer@dhp.com)                         DI-1-9026
 "That which can never be enforced should not be prohibited."

home help back first fref pref prev next nref lref last post