current-users: Re: chown, quotas and security

Subject: Re: chown, quotas and security
To: David Maxwell <david@spinne.web.net>
From: Michael Graff <explorer@vorpal.com>
List: current-users
Date: 11/07/1994 00:48:29

>For most sites this is a bad thing to do...
>
>% cp /bin/sh /tmp/igetroot
>% chmod u+s /tmp/igetroot
>% /usr/sbin/chown root /tmp/igetroot
>% /tmp/igetroot

Unless chown would do something smart, like strip off setuid bits, like cp
does:

% ls -l /bin/ps
-r-xr-sr-x  1 bin  kmem  143360 Oct 23 03:40 /bin/ps
% cp /bin/ps myps
% ls -l myps
-r-xr-x---  1 explorer  explorer  143360 Nov  7 00:47 myps


--Michael

--
Michael Graff <explorer@vorpal.com>       NetBSD is the way to go!
PGP key on a key-server near you!         Rayshade the world!