rjk@mgweed.UUCP (Randy King) (10/04/83)
I have a few applications that will be running setuid or setgid owned by user "foo" and group "bar", respectively. On occasion, these programs need to execute "pwd" in the current directory owned by "xyz" where neither user "foo" nor group "bar" has any permissions nor permissions in the parent. As is, pwd will error with: pwd: cannot stat .! (obviously). After looking at the code, there appears to be no loopholes, so I am proposing to setuid root on /bin/pwd. I don't see any security problem with doing that. Any thoughts or comments on that proposal? Randy King ihnp4!mgweed!rjk