Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA
Path: utzoo!watmath!clyde!burl!ulysses!allegra!bellcore!decvax!genrad!teddy!panda!talcott!harvard!seismo!brl-tgr!tgr!ron@BRL-TGR
From: Ron Natalie  
Newsgroups: net.unix-wizards
Subject: Re:  unexpected alarms
Message-ID: <7175@brl-tgr.ARPA>
Date: Thu, 10-Jan-85 13:12:02 EST
Article-I.D.: brl-tgr.7175
Posted: Thu Jan 10 13:12:02 1985
Date-Received: Sun, 13-Jan-85 07:39:43 EST
Sender: news@brl-tgr.ARPA
Organization: Ballistic Research Lab
Lines: 15

All the manuals I have indicate that alarms are supposed to continue accross
execs.  This is just an example of people who are writing set-uid code not
taking the time to think things out.  Set-UID programs just have to be written
more robustly than non-setuid programs because of the implications.  For example:
a few years ago, I managed to blow away /etc/passwd by closing down file
descriptor 1 before execing "passwd."  It opens up /etc/passwd (coincidentally
on file 1) and then starts printing stuff on stdout, which is /etc/passwd.
Now I don't see anyone advocating changing it so setuid programs must return
numbers greater than 2 from open.

System Programmers Must Be Careful.

-Ron

Let the air out of your shoes and relax.