From owner-freebsd-hackers Thu Nov 28 06:57:34 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id GAA29241 for hackers-outgoing; Thu, 28 Nov 1996 06:57:34 -0800 (PST) Received: from ami.tom.computerworks.net (AMI.RES.CMU.EDU [128.2.95.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id GAA29236 for ; Thu, 28 Nov 1996 06:57:33 -0800 (PST) Received: from bonkers.taronga.com by ami.tom.computerworks.net with smtp (Smail3.1.29.1 #1) id m0vT7u6-0021WqC; Thu, 28 Nov 96 09:57 EST Received: (from peter@localhost) by bonkers.taronga.com (8.6.11/8.6.9) id IAA22351 for hackers@freebsd.org; Thu, 28 Nov 1996 08:54:35 -0600 From: peter@taronga.com (Peter da Silva) Message-Id: <199611281454.IAA22351@bonkers.taronga.com> Subject: Re: looking for an idea To: hackers@freebsd.org Date: Thu, 28 Nov 1996 08:54:35 -0600 (CST) In-Reply-To: <199611280955.AA040424941@ws2301.gud.siemens.co.at> References: <329CBC11.59E2B600@whistle.com> X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In article <199611280955.AA040424941@ws2301.gud.siemens.co.at>, Hr.Ladavac wrote: >So, yes, your solution is okay for the server-is-root case. Anyone sees >some real problems with that? The standard technique before Berkeley created the fascist file system (at least that's what it was called back then) and on System V was to create a 0400 file owned by the user and setuid, containing some information provided by the entity you're trying to convince. In "classic" UNIX if you wrote to a file it reset the setuid bit, and if you chowned a file it reset the setuid bit, and you couldn't set the setuid bit without being the owner, so there was no way the user could create a file like that unless they were who they said they were.