Re: .forward files no longer work, life with a trapdoor setuid() [SysV]

[Andy Poling <andy@hcf.jhu.edu>]

On Sat, 2 Jan 1993, Craig Metz wrote:
[...]
> Unfortunately, the behaviour warned about in the documentation
> with SysVs and setuid() has been shown by our system, and there is no way
> we know of to get around that. Because of the problems we have been having
> with this, I have hacked the mailbox program to not change UIDs, and to
> remove the pipe and file capabilities. The question I have here is, other
> than for those two capabilities, why does the mailbox program need to set
> its UID to that of the recipient, and if there is a good reason for it to
> do so, why can't it fork() a child process to actually switch its UID and
> do the job, then just wait for the child to finish (thus avoiding this problem
> with SysV systems)?

Perhaps a better approach for system which cannot setuid() back to root
would be for mailbox to process one mail message, then exit.  Running
multiple mailbox's at a time should permit sufficient throughput.  It's
the same sort of model only different.

This seems like a much simpler hack.  On the other hand, I have only a
passing familiarity with the code.

For what it's worth...

-Andy

Andy Poling                              Internet: andy@jhunix.hcf.jhu.edu
UNIX Systems Programmer                  Bitnet: ANDY@JHUNIX
Homewood Academic Computing              Voice: (410)516-8096    
Johns Hopkins University                 UUCP: uunet!mimsy!aplcen!jhunix!andy