Re: suid binaries should not be writable by owner

To: Debian-Policy List <debian-policy@lists.debian.org>
Subject: Re: suid binaries should not be writable by owner
From: Nicolás Lichtmaier <nick@debian.org>
Date: Wed, 7 Feb 2001 00:58:02 -0300
Message-id: <[🔎] 20010207005802.B16217@debian.org>
In-reply-to: <[🔎] 20010205214100.A21439@olemiss.edu>; from lawrencc@debian.org on Mon, Feb 05, 2001 at 09:41:00PM -0600
References: <[🔎] 20010205192407.L21552@kitenet.net> <[🔎] 20010205192717.M21552@kitenet.net> <[🔎] 20010205214100.A21439@olemiss.edu>

> > Argh, egg on face: linux lets the owner of a file modify it even if it
> > is mode 444 and in a directory they do not own. Yuck! Is this standard
> > unix semantics? It sucks.
> Even worse: IIRC the owner of a file can chmod it to his or her
> heart's content, and this is standard Unix semantics.  It could be
> mode 000 for all Linux cares.

 A better design would have been having the file to have a second UID/GID.

 So, a file could be owned by root, but setuid man.

Reply to:

Follow-Ups:
- Re: suid binaries should not be writable by owner
  - From: Brian May <bam@debian.org>
- Re: suid binaries should not be writable by owner
  - From: Chris Lawrence <lawrencc@debian.org>

References:
- suid binaries should not be writable by owner
  - From: Joey Hess <joeyh@debian.org>
- Re: suid binaries should not be writable by owner
  - From: Joey Hess <joeyh@debian.org>
- Re: suid binaries should not be writable by owner
  - From: Chris Lawrence <lawrencc@debian.org>

Prev by Date: Re: Incorporating packaging manual in policy
Next by Date: Re: suid binaries should not be writable by owner
Previous by thread: Re: suid binaries should not be writable by owner
Next by thread: Re: suid binaries should not be writable by owner
Index(es):
- Date
- Thread