Date: Sun, 09 Nov 1997 15:15:10 -0800
From: David Greenman <dg@root.com>
To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Cc: hackers@FreeBSD.ORG
Subject: Re: How useful is this patch?
Message-ID: <199711092315.PAA27471@implode.root.com>
In-Reply-To: Your message of "Sun, 09 Nov 1997 16:24:21 +0100." <19971109162421.IH64390@uriah.heep.sax.de>
>As Julian Elischer wrote:
>
>> if a mount option is specified, then setting the SUID bit
>> on a directory specifies similar inheritance with UIDs as we
>> presently have with GIDs.
>
>As long as it's a mount option (defaulting to off), i think i could
>live with it.
>
>> The SUID bits are hereditary to child directories, and
>> a file 'given away' in this manner
>> 1/ cannot be given to root (would defeat quotas)
>> 2/ has the execute bits stripped off (and suid)
>
>Problem: you can cause someone else a DoS attack by maliciously
>filling his home directory.
>
>(I didn't review the patch itself, so i explicitly don't comment on
>stylistic etc. bugs. Make sure the style adheres to the requirements
>of style(9).)

You could also create a .rhosts file, allowing anyone to log in as the
user. You could also create a variety of other files like .tcshrc if it
didn't already exist and the user's shell was tcsh (and similar other
login scripts with other shells), or various X resource files if the
user might start X apps. The list goes on and on. I think it sounds like
a major security hole for just about anyone who enables it.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project
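The following is an added example, not part of the thread and not the patch under discussion. It models the ownership-inheritance rule exactly as Julian's summary describes it (setuid bit on a directory gives new files to the directory owner, never to root, with execute and setuid bits stripped), and pairs it with the audit a defender would run on a filesystem where such an option is enabled: listing every setuid directory, since each one is a place where another user could plant files owned by the directory's owner. The function names, the `is_dir` handling (a child directory inherits the setuid bit and keeps its execute bits, otherwise it would be unusable) and the sample directory entries are all assumptions constructed for this example.

```python
import stat

ROOT_UID = 0

# Bits that rule 2/ in the thread says are stripped from a given-away file.
STRIPPED_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH | stat.S_ISUID


def inherit_owner(parent_uid, parent_mode, creator_uid, requested_mode,
                  suiddir_enabled, is_dir=False):
    """Return (uid, mode) for a new entry created inside a directory.

    Modeled from the prose description in the thread (assumption: this is
    not the kernel patch itself):
      - the mount option must be on and the parent must carry S_ISUID,
      - rule 1/: a file is never given away to root (would defeat quotas),
      - rule 2/: a given-away file loses its execute bits and setuid bit,
      - child directories inherit the setuid bit (assumption: they keep
        their execute bits so they remain traversable).
    """
    if not suiddir_enabled or not (parent_mode & stat.S_ISUID):
        # Normal UNIX behaviour: the creator owns what it creates.
        return creator_uid, requested_mode
    if parent_uid == ROOT_UID:
        # Rule 1/: never hand a file to root; fall back to the creator.
        return creator_uid, requested_mode
    if is_dir:
        # Hereditary setuid bit on subdirectories.
        return parent_uid, requested_mode | stat.S_ISUID
    # Rule 2/: file is given away, with exec and setuid bits removed.
    return parent_uid, requested_mode & ~STRIPPED_BITS


def find_suid_directories(entries):
    """Defender's audit: return the paths of all directories with S_ISUID set.

    `entries` is a list of dicts with keys path, mode (full st_mode including
    the file-type bits) and uid. On a filesystem where the proposed mount
    option is on, every directory listed here lets other users create files
    owned by that directory's owner (for example .rhosts in a home directory).
    """
    return [e["path"] for e in entries
            if stat.S_ISDIR(e["mode"]) and (e["mode"] & stat.S_ISUID)]


# Constructed sample entries (assumption: not taken from any real system).
SAMPLE_ENTRIES = [
    {"path": "/home/alice", "mode": stat.S_IFDIR | 0o4755, "uid": 1001},
    {"path": "/home/bob", "mode": stat.S_IFDIR | 0o755, "uid": 1002},
    # A setuid *file* is a different matter entirely and must not be flagged.
    {"path": "/usr/bin/passwd", "mode": stat.S_IFREG | 0o4555, "uid": 0},
]


if __name__ == "__main__":
    # Bob creates a file under alice's setuid home directory with the option on.
    print(inherit_owner(1001, 0o4755, 1002, 0o755, suiddir_enabled=True))
    print(find_suid_directories(SAMPLE_ENTRIES))
```

Running the block shows that a file bob creates under alice's setuid directory ends up as uid 1001 with mode 0o644, and that the audit flags only `/home/alice`, not the setuid binary.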