[989] in bugtraq
Re: FD/overwriting suid files
daemon@ATHENA.MIT.EDU (Rens Troost)
Tue Feb 14 10:28:10 1995
To: grs@claircom.com (Gregg Siegfried)
Cc: nlawson@statler.csc.calpoly.edu, bugtraq@fc.net
In-Reply-To: Your message of "Mon, 13 Feb 1995 16:45:00 PST."
<m0reBO1-0001MiC@torpedo.claircom.com>
Reply-To: rens@imsi.com
Date: Tue, 14 Feb 1995 07:59:49 -0500
From: Rens Troost <rens@imsi.com>
>>>>> "Gregg" == Gregg Siegfried <grs@claircom.com> writes:
>> I always have thought that any good OS will reset any suid/sgid
>> bits on a file write. Such is the case for the Solaris 2.4
>> machine I tested this on. I think any OS that doesn't do this
>> has some deep design flaws.
Gregg> I've been back and forth on this with Sun. That the setuid
Gregg> and setgid bits are reset on *any* write, I consider a bug.
It would be bad if setgid bits on a directory were changed on a
directory write!
-Rens
