[985] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

FD/overwriting suid files

daemon@ATHENA.MIT.EDU (Nathan Lawson)
Mon Feb 13 22:09:06 1995

From: nlawson@statler.csc.calpoly.edu (Nathan Lawson)
To: bugtraq@fc.net
Date: Mon, 13 Feb 1995 12:26:04 -0800 (PST)

I always have thought that any good OS will reset any suid/sgid bits on a file
write.  Such is the case for the Solaris 2.4 machine I tested this on.  I think
any OS that doesn't do this has some deep design flaws.

wopr> touch n
wopr> ls -l n
   0 -rw-------  1 nlawson         0 Feb 13 12:19 n
wopr> chmod 7777 n
wopr> ls -l n
   0 -rwsrwsrwx  1 nlawson         0 Feb 13 12:19 n*
wopr> echo /bin/sh >> n
wopr> ls -l n
   1 -rwxrwxrwx  1 nlawson         8 Feb 13 12:19 n*

-- 
Nathan Lawson   | "One of the advantages of using UNIX to teach an operating
CSL 490 Admin   |  systems course is the sources and documentation will easily
756-7180 @Work  |  fit into a students briefcase."  -- John Lions (1976)


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[985] in bugtraq

FD/overwriting suid files

daemon@ATHENA.MIT.EDU (Nathan Lawson)Mon Feb 13 22:09:06 1995

daemon@ATHENA.MIT.EDU (Nathan Lawson)
Mon Feb 13 22:09:06 1995