From: utzoo!decvax!cca!ima!johnl Newsgroups: net.unix-wizards Title: Set UID inquiry - (nf) Article-I.D.: ima.286 Posted: Mon Feb 7 03:23:54 1983 Received: Tue Feb 8 03:06:22 1983 #N:ima:20400002:000:769 ima!johnl Feb 6 17:12:00 1983 The following question has come up lately: A program with the "set-user-ID" bit on turns on SUID-ness (i.e., it runs with the effective privileges of the program owner, not the invoker) but a program without SUID does not turn it off. This might be a bug, or it might be a feature. I think it's right the way it is, and gives you flexibility you wouldn't have otherwise. Other people think it's a security hole. Do any of you out there know of programs that depend on the behavior one way or the other? Reply to me, I'll summarize if there's interest. Thanks, as always, in advance. John Levine, IECC, PO Box 349, Cambridge MA 02238; (617) 491-5451 decvax!yale-co!jrl, harpo!esquire!ima!johnl, ucbvax!cbosgd!ima!johnl {research|alice|rabbit|amd70}!ima!johnl