MP%mit-xx@sri-unix.UUCP (07/15/83)
From: Mark Plotnick <MP@mit-xx> I don't wish to prolong discussion about the joys of setuid, but I have a simple question: is there any reason why setuid bits should be ignored if one is already running as root? I seem to recall some discussion many moons ago (about V7) that lead to the conclusion that setuid bits SHOULD be honored for everybody. Yet the 4.1bsd systems here (pretty vanilla ones, at that) are configured so that root stays root. I got bitten by this yesterday when the netnews expire program, which is setuid to uucp, was invoked by cron and recreated its data file with owner "root" (the file was thus unwritable to the other setuid-to-uucp program that wants to write in it). Note that I'm not taking a poll. The question is not "should setuid bits be honored if you're root" - I know all the religious arguments for and against this - what I want to know is "will anything break if setuid bits are honored by root". Mark Plotnick MP@XX eagle!mit-vax!mp -------