tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: hardlinks to setuid binaries



On Mon, Mar 28, 2022 at 11:42:31PM +1100, matthew green wrote:
 > i don't see the benefit of a special mode/flag on a subdir to 
 > allow this.  as a normal user, i can create setuid to me and
 > i think that's a fine think to allow.

You could imagine two flags, one for root and one settable by users
that allows a directory to contain objects setuid to the directory
owner or setgid to the directory group. (like the two immutable flags)

It's more obviously useful for device nodes, since the only times when
device nodes belong anywhere except /dev (and a chroot tree's /dev)
are very specific arrangements established explicitly by the sysadmin.

Plenty of compat issues to figure out before trying to deploy either,
though.

(though I don't see where even the setuid flag interferes with
updating base and in pkgsrc it'll only interfere with the small number
of packages that build in destdir but not user-destdir mode)

-- 
David A. Holland
dholland%netbsd.org@localhost


Home | Main Index | Thread Index | Old Index