[H-GEN] SUID, and Unix groups [long] [was: okie just what I sort of need to know]
Martin Pool
martinp at mincom.com
Mon Sep 13 00:41:48 EDT 1999
[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related topics. ]
On Mon, 13 Sep 1999, Byron Ellacott wrote:
> >a well organised system even most setuid programs could be owned by less
> >critial users such as "ppp". Setuid -is- a security risk for the simple
> >daemons, especially on multi-user machines. In the case of kppp, although
> >I have not used it, it sounds to me that the intention of an SUID bit is
> >that any user can start the program and connect the the net. You may
I also have not used kppp, and thus can criticize it from a position of
strength: it would be nice to have the suid functionality in a separate
small program called from kppp so that it can be independantly audited. I
think the RedHat dialer follows this approach.
--
Martin
--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.
More information about the General
mailing list