[983] in bugtraq
Re: FD/overwriting suid files
daemon@ATHENA.MIT.EDU (Gregg Siegfried)
Mon Feb 13 20:36:21 1995
Date: Mon, 13 Feb 95 16:45 PST
From: grs@claircom.com (Gregg Siegfried)
To: nlawson@statler.csc.calpoly.edu
Cc: bugtraq@fc.net
>
> I always have thought that any good OS will reset any suid/sgid bits on a file
> write. Such is the case for the Solaris 2.4 machine I tested this on. I think
> any OS that doesn't do this has some deep design flaws.
I've been back and forth on this with Sun. That the setuid and setgid
bits are reset on *any* write, I consider a bug. I agree that the setuid
bit must be reset if the process that is doing the writing has a uid/euid
different from the owner of the file, and that the setgid must be reset
if the writing process is not a member of the group of the file.
Sun apparently agrees with your interpretation.
I take issue with your "deep design flaws" comment, however. Although
obviously a major security flaw, I'm not sure I'd categorize such a defect
in such strong language. In fact, while I do not have my Lions book to
verify it, I will hypothesize that the version you refer to in your signature
exhibited the behaviour you condemn.
I will give you that, in this decade, this type of defect may very well be
indicative of the "deep design flaws" you refer to.
Gregg Siegfried
grs@claircom.com
> Nathan Lawson | "One of the advantages of using UNIX to teach an operating
> CSL 490 Admin | systems course is the sources and documentation will easily
> 756-7180 @Work | fit into a student's briefcase." -- John Lions (1976)
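The two clearing rules argued over above, written out as an added example in C (this is not code from the original message, from Sun, or from any vendor's kernel). The first function encodes Gregg's proposed rule (clear setuid when the writer's uid or euid differs from the owner, clear setgid when the writer is not in the file's group); the second encodes the "reset on any write" rule the quoted poster reports for Solaris 2.4; the probe at the end writes to a setuid+setgid file the caller owns and reports which bits the running kernel left in place, so a reader can see which rule their own system follows. The uids, gids and the /tmp probe path are illustrative assumptions.

```c
/* Added example: not part of the original bugtraq message. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Gregg's proposed rule: clear S_ISUID when the writer's uid or euid is not
 * the file owner; clear S_ISGID when the file's group is not among the
 * writer's groups (egid plus supplementary groups, passed as one array). */
static mode_t mode_after_write(mode_t mode, uid_t owner, gid_t group,
                               uid_t writer_uid, uid_t writer_euid,
                               const gid_t *writer_groups, size_t ngroups)
{
    int in_group = 0;
    for (size_t i = 0; i < ngroups; i++) {
        if (writer_groups[i] == group) {
            in_group = 1;
            break;
        }
    }
    if (writer_uid != owner || writer_euid != owner)
        mode &= ~(mode_t)S_ISUID;
    if (!in_group)
        mode &= ~(mode_t)S_ISGID;
    return mode;
}

/* "Reset on any write": both bits go regardless of who is writing. */
static mode_t mode_after_write_strict(mode_t mode)
{
    return mode & ~(mode_t)(S_ISUID | S_ISGID);
}

/* Probe the running kernel: create a file we own in `dir` (assumed
 * writable), mark it 06755, write one byte through the descriptor, and
 * return the special bits that survived. Returns (mode_t)-1 on error.
 * The file is removed before returning. */
static mode_t probe_special_bits_after_write(const char *dir)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/suidprobe.XXXXXX", dir);
    int fd = mkstemp(path);
    if (fd < 0)
        return (mode_t)-1;

    mode_t result = (mode_t)-1;
    struct stat st;
    if (fchmod(fd, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH |
                   S_ISUID | S_ISGID) == 0 &&
        write(fd, "x", 1) == 1 &&
        fstat(fd, &st) == 0)
        result = st.st_mode & (S_ISUID | S_ISGID);

    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    mode_t left = probe_special_bits_after_write("/tmp");
    if (left == (mode_t)-1) {
        perror("probe");
        return 1;
    }
    printf("write by the file's owner: setuid %s, setgid %s\n",
           (left & S_ISUID) ? "kept" : "cleared",
           (left & S_ISGID) ? "kept" : "cleared");
    return 0;
}
```

Run the probe once as an ordinary user and once as root: a kernel that follows the "any write" rule clears both bits for the unprivileged owner, while Gregg's rule would leave them. Linux, for instance, clears the bits on write by any process that lacks CAP_FSETID and leaves them when the writer has it (root normally does), and it only clears setgid when the group-execute bit is also set, which is why the probe sets 06755 rather than 06700.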