[TUHS] rm command
Dave Horsfall
dave at horsfall.org
Sat Apr 28 02:26:16 AEST 2018
On Wed, 25 Apr 2018, Noel Chiappa wrote:
> On early PDP-11 Unixes, 'rm' is an ordinary program, and 'rmdir' is
> setuid-root, since it has to do special magic (writing into directory
> files, etc). Given that, it made sense to have 'rm' run with the least
> amount of privilege needed to do its job.
I am constantly bemused by the number of "setuid root" commands, when a
simple "setgid whatever" will achieve the same task.
My mantra has always been: "If you think you need setuid root, then you
are probably thinking wrong."
My favourite here is the "ps" command:
On my FreeBSD server:
% ls -l /bin/ps
-r-xr-xr-x 1 root wheel 35640 Oct 15 2017 /bin/ps
On my crappy MacBook:
% ls -l /bin/ps
-rwsr-xr-x 1 root wheel 51200 Jul 15 2017 /bin/ps
(I didn't check my Penguin box, because I don't think that I'll like what
I'll see.)
-- Dave
More information about the TUHS
mailing list