Date: Thu, 23 Jul 2009 20:11:33 +0200 From: Ivan Voras <ivoras@freebsd.org> To: perryh@pluto.rain.com Cc: freebsd-hackers@freebsd.org Subject: Re: SGID/SUID on scripts Message-ID: <9bbcef730907231111s2ef20e76s5a19a6270b3b5f03@mail.gmail.com> In-Reply-To: <4a68a02b.qjV%2BUOvOtUWLEPN1%perryh@pluto.rain.com> References: <19939654343.20090722214221@mail.ru> <4A6795E7.7020700@darkbsd.org> <h4a2br$4mc$1@ger.gmane.org> <4a68a02b.qjV%2BUOvOtUWLEPN1%perryh@pluto.rain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2009/7/23 <perryh@pluto.rain.com>: > Ivan Voras <ivoras@freebsd.org> wrote: >> Presumingly, the biggest concern is with scripts owned by root. >> Who can unlink, move or change the script? The owner and his >> group can change it; the directory owner can unlink it ... > > Anyone can make a link to such a script in, say, /tmp and then > mess with the link :( You mean setuid a soft link? That's allowed? -- f+rEnSIBITAhITAhLR1nM9F4cIs5KJrhbcsVtUIt7K1MhWJy1A==
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9bbcef730907231111s2ef20e76s5a19a6270b3b5f03>