Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!genrad!decvax!harpo!floyd!vax135!ariel!houti!hogpc!houxm!ihnp4!ihldt!jhh
From: jhh@ihldt.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Ideas on UNIX security
Message-ID: <1703@ihldt.UUCP>
Date: Wed, 22-Jun-83 08:43:14 EDT
Article-I.D.: ihldt.1703
Posted: Wed Jun 22 08:43:14 1983
Date-Received: Thu, 23-Jun-83 00:58:01 EDT
Lines: 15

Even worse than finding setuid files in bizarre places, is modifying
programs that root will use often.  One approach could be to
write a version of ls or l that will change the owner of a file
to root, plus set the SUID bit on the file when it runs.
This way, the person who broke in could re-crack security any time
he pleased.  Since the chown and chmod calls would only work
if the files existed, the person could create the file,
wait for a super-user to execute ls or l, have his way with
the system, and remove the evidence when done.  The hardest
place to clean up would probably be the process accounting
files, plus remembering to change the modification times
when needed.

				John Haller
Aside to rfs - I don't have the time or patience to do this, don't worry.