Date: Thu, 28 Nov 1996 08:54:35 -0600 (CST) From: peter@taronga.com (Peter da Silva) To: hackers@freebsd.org Subject: Re: looking for an idea Message-ID: <199611281454.IAA22351@bonkers.taronga.com> In-Reply-To: <199611280955.AA040424941@ws2301.gud.siemens.co.at> References: <329CBC11.59E2B600@whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <199611280955.AA040424941@ws2301.gud.siemens.co.at>, Hr.Ladavac <lada@ws2301.gud.siemens.co.at> wrote: >So, yes, your solution is okay for the server-is-root case. Anyone sees >some real problems with that? The standard technique before Berkeley created the fascist file system (at least that's what it was called back then) and on System V was to create a 0400 file owned by the user and setuid, containing some information provided by the entity you're trying to convince. In "classic" UNIX if you wrote to a file it reset the setuid bit, and if you chowned a file it reset the setuid bit, and you couldn't set the setuid bit without being the owner, so there was no way the user could create a file like that unless they were who they said they were.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611281454.IAA22351>