From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Tue, 16 Aug 2005 23:56:29 +0400 From: "Dmitry V. Levin" To: ALT Devel discussion list Subject: Re: [devel] suid/sgid programs and temporary files Message-ID: <20050816195629.GB2637@basalt.office.altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <20050816193136.GT19097@solemn.turbinal.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qcHopEYAB45HaUaB" Content-Disposition: inline In-Reply-To: <20050816193136.GT19097@solemn.turbinal.org> X-fingerprint: 9658 398D 181B 1200 8FC5 26B8 F6F8 846B C1E2 3429 Cc: X-BeenThere: devel@altlinux.ru X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ALT Devel discussion list List-Id: ALT Devel discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Aug 2005 19:56:30 -0000 Archived-At: List-Archive: List-Post: --qcHopEYAB45HaUaB Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 16, 2005 at 11:31:36PM +0400, Alexey Tourbin wrote: > =F7 /usr/lib/perl5/File/Temp.pm =C5=D3=D4=D8 =C6=D5=CE=CB=C3=C9=D1 =D0=D2= =CF=D7=C5=D2=CB=C9 =D7=D2=C5=CD=C5=CE=CE=CF=C7=CF =CB=C1=D4=C1=CC=CF=C7=C1, > =D7 =CB=CF=D4=CF=D2=CF=CD =C2=D5=C4=D5=D4 =D3=CF=DA=C4=C1=CE=D9 =D7=D2=C5= =CD=C5=CE=CE=D9=C5 =C6=C1=CA=CC=D9. >=20 > 649 # internal routine to check to see if the directory is safe > 650 # First checks to see if the directory is not owned by the > 651 # current user or root. Then checks to see if anyone else > 652 # can write to the directory and if so, checks to see if > 653 # it has the sticky bit set [...] > =F5=D3=CC=CF=D7=C9=D1 =D0=CF=C4=DE=C5=D2=CB=CE=D5=D4=CF=CA =D0=D2=CF=D7= =C5=D2=CB=C9 =CD=CF=D6=CE=CF =D0=C5=D2=C5=D7=C5=D3=D4=C9 =D0=D2=C9=CD=C5=D2= =CE=CF =CB=C1=CB > st.st_uid > 10 && st.st_uid !=3D getuid() >=20 > =F7=CF=D0=D2=CF=D3: =C8=CF=D2=CF=DB=CF =CC=C9, =DE=D4=CF =DA=C4=C5=D3=D8 = =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4=D3=D1 real uid? =EE=C5 =CC=D5=DE=DB=C5 =CC= =C9 > =D0=D2=CF=D7=C5=D2=D1=D4=D8 effective uid?=20 =FC=D4=CF =DA=C1=D7=C9=D3=C9=D4 =CF=D4 =D3=C5=CD=C1=CE=D4=C9=CB=C9 =CD=CF= =C4=D5=CC=D1. =E4=D2=D5=C7=C9=CD=C9 =D3=CC=CF=D7=C1=CD=C9, =C4=CC=D1 =DE=C5=C7=CF =CF=CE = =D0=D2=C5=C4=CE=C1=DA=CE=C1=DE=C5=CE. =F0=D2=C9 =D4=CF=CA =C9=CE=C6=CF=D2=CD=C1=C3=C9=C9, =DE=D4=CF =D3=CF=C4=C5= =D2=D6=C9=D4=D3=D1 =D7 =CB=CF=CD=CD=C5=CE=D4=C1=D2=C9=C9, =D5 =CD=C5=CE=D1 = =D3=CB=CC=C1=C4=D9=D7=C1=C5=D4=D3=D1 =CF=DD=D5=DD=C5=CE=C9=C5, =DE=D4=CF =D0=D2=CF=D7=C5=D2=D1=D4=D8 effective u= id =C2=D9=CC=CF =C2=D9 =CC=CF=C7=C9=DE=CE=C5=C5. --=20 ldv --qcHopEYAB45HaUaB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFDAkTt9viEa8HiNCkRAkh+AJ9kNiuD+YDkZZ3thWpbjW+ys96uzgCeNyZn 1nkSkDfukOVttmXggDkL3uQ= =1THT -----END PGP SIGNATURE----- --qcHopEYAB45HaUaB--