From owner-freebsd-hackers Sat Oct 16 2:12:21 1999
Date: Sat, 16 Oct 1999 05:12:11 -0400 (EDT)
From: Mike Nowlin
To: Julian Elischer
Cc: Jos Backus, freebsd-hackers@FreeBSD.ORG
Subject: Re: SUIDDIR problem

> SUIDDIR will work for any user EXCEPT ROOT
> I did this because I felt it was a security hole to allow users to create
> files owned by root.
> (from memory it will also refuse to do files that have the execute bit set
> but I can't remember for sure)

In a mildly drunken state, I respond..... :)

Without looking, I'd imagine that if the chmod command of FTP will allow
you to do a "chmod 4755 file-I-just-uploaded" -- if you have the ability
to execute programs on the machine you uploaded to, this could be a major
problem..... Hence, I'd agree with your decision.

--mike
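Added example, not part of the original message or of FreeBSD: an audit for the situation discussed in this thread, run over a tree of upload directories. It assumes that SUIDDIR drop directories are the ones carrying the setuid bit; the names audit_suiddir and demo are hypothetical, and the sample tree is constructed.

```python
import os
import stat
import tempfile


def audit_suiddir(root):
    """Report regular files that are both setuid and executable and that sit
    in a directory carrying the setuid bit (assumed to mark a SUIDDIR drop
    directory). Returns (path, owner_uid, mode, owner_matches_directory)."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        dir_st = os.lstat(dirpath)
        if not dir_st.st_mode & stat.S_ISUID:
            continue  # ordinary directory, no ownership inheritance expected
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow an uploaded symlink
            if not stat.S_ISREG(st.st_mode):
                continue
            is_setuid = bool(st.st_mode & stat.S_ISUID)
            is_exec = bool(st.st_mode & 0o111)
            if is_setuid and is_exec:
                mode = oct(stat.S_IMODE(st.st_mode))
                # True means the file runs with the directory owner's uid
                inherited = st.st_uid == dir_st.st_uid
                findings.append((path, st.st_uid, mode, inherited))
    return findings


def demo():
    """Build a constructed tree and audit it; paths are relative to the tree."""
    with tempfile.TemporaryDirectory() as root:
        drop = os.path.join(root, "incoming")   # will get the setuid bit
        plain = os.path.join(root, "plain")     # ordinary directory
        os.mkdir(drop)
        os.mkdir(plain)
        samples = [(drop, "tool", 0o4755),      # the "chmod 4755" case
                   (drop, "notes.txt", 0o644),
                   (plain, "other", 0o4755)]    # setuid, but not in a drop dir
        for directory, name, mode in samples:
            path = os.path.join(directory, name)
            open(path, "w").close()
            os.chmod(path, mode)
        os.chmod(drop, 0o4755)
        return [(os.path.relpath(p, root), m, same)
                for p, _uid, m, same in audit_suiddir(root)]


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```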