Xref: utzoo comp.sys.att:3776 comp.unix.questions:8224 comp.unix.wizards:9907
Path: utzoo!attcan!uunet!lll-winken!lll-tis!ames!amdahl!pacbell!ptsfa!jmc
From: jmc@ptsfa.PacBell.COM (Jerry Carlin)
Newsgroups: comp.sys.att,comp.unix.questions,comp.unix.wizards
Subject: Re: Setuid on expreserve and exrecover
Keywords: setuid, vi, expreserve, exrecover
Message-ID: <4410@ptsfa.PacBell.COM>
Date: 14 Jul 88 15:08:20 GMT
References: <794@pttesac.UUCP>
Reply-To: jmc@ptsfa.PacBell.COM (Jerry Carlin)
Organization: Pacific * Bell, San Ramon, CA
Lines: 13

In article <794@pttesac.UUCP> robert@pttesac.UUCP (Robert Rodriguez) writes:
>Does anyone know the reason for /usr/lib/ex*preserve being
>set-user-id bin or root ?

Needed on BSD but not on System V due to chown() requiring root privileges. 

Do us all a favor and if you are a V. system chmod 555 ex*preserve and
chmod 777 /usr/preserve.  ex*preserve has a well-known security problem.
If any vendor is still delivering systems with ex*preserve setuid they
should be shot at sunrise.

-- 
Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc
To dream the impossible dream. To fight the unbeatable foe.