Bugtraq mailing list archives
Re: FD/overwriting suid files
From: iceman () MBnet MB CA (Oliver Friedrichs)
Date: Mon, 13 Feb 1995 23:29:06 -0600 (CST)
On Mon, 13 Feb 1995, Nathan Lawson wrote:
I always have thought that any good OS will reset any suid/sgid bits on a file write. Such is the case for the Solaris 2.4 machine I tested this on. I think any OS that doesn't do this has some deep design flaws.
This isn't the case for the superuser. # touch s # chmod 4755 s # ls -l s -rwsr-xr-x 1 root other 0 Feb 13 23:27 s # cp /bin/sh s # ls -l s -rwsr-xr-x 1 root other 85924 Feb 13 23:27 s # It also doesn't apply to the superuser writing to setuid files owned by anyone else. This is rightly so, since root could do whatever it wanted anyways. - Oliver
Current thread:
- FD/overwriting suid files Nathan Lawson (Feb 13)
- Re: FD/overwriting suid files Oliver Friedrichs (Feb 13)
- <Possible follow-ups>
- Re: FD/overwriting suid files Gregg Siegfried (Feb 13)
- Re[2]: IFS Tim.Herman () GSA GOV (Feb 14)
- Re: FD/overwriting suid files Rens Troost (Feb 14)