From: utzoo!decvax!genradbo!mitccc!jfw
Newsgroups: net.unix-wizards
Title: Re: More on SUID and exec
Article-I.D.: mitccc.309
Posted: Sun Feb 13 22:30:14 1983
Received: Wed Feb 16 03:39:27 1983
References: spanky.201

GRRRRRRRR!

	Let there exist:

		drwx------  games	topdir
			drwx--x--x  games	middledir
				--x--x--x  games	. Rogue

I start Rogue, play a while, type ! to get a shell escape, and then
type "ln .\ Rogue /usr/jfw/bin/HaHaHa".  And then get to play Rogue on
the uucp dialup, over the CHAOSNET from a Lisp Machine, and during Prime
Time, all at once.  Maybe scrambling the name enough will make it take a while
to get the name right, but it can be done.

Why does FIONCLEX mode exist for files?  Is not a non-SUID exec a clean
and SUFFICIENT analogous way to achieve this purpose??

I know, games are not the most crucial application one can think of, but
aren't there any applications where you could fail to want people to run
a program without specific permission, yet you can't modify that program
to do its own checking (perhaps a binary only (GAK) license or something?).
As a UNIX minimalist, I would not even think of a kernel change if there
were any way of kludging a way of accomplishing this, having taken that
view in many other arguments around CCC...

		John Woods, ...!decvax!genradbo!mitccc!jfw