Date: Sat, 16 Oct 1999 05:12:11 -0400 (EDT) From: Mike Nowlin <mike@argos.org> To: Julian Elischer <julian@whistle.com> Cc: Jos Backus <Jos.Backus@nl.origin-it.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: SUIDDIR problem Message-ID: <Pine.LNX.4.05.9910160508230.25028-100000@jason.argos.org> In-Reply-To: <Pine.BSF.4.10.9910151021550.18204-100000@current1.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> SUIDDIR will work for any user EXCEPT ROOT > I did this because I felt it was a security hole to allow users to create > files owned by root. > (from memory it will also refuse to do files that have the execute bit set > but I can't remember for sure) In a mildly drunken state, I respond..... :) Without looking, I'd imagine that if the chmod command of FTP will allow you to do a "chmod 4755 file-I-just-uploaded" -- if you have the ability to execute programs on the machine you uploaded to, this could be a major problem..... Hence, I'd agree with your decision. --mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9910160508230.25028-100000>