Hacker News new | past | comments | ask | show | jobs | submit login

This. setuid/SUID root was - and still is - a terrible idea. It is a (deliberate) hole in the security barrier. It was an idea spawned out of necessity because of the limited expressiveness of the standard Unix security model.

Once you let a process run with root or other elevated capabilities, that process should be isolated so nothing about the process can be controlled by the unprivileged user. SUID root utilities violates that.




It was a reasonable enough mechanism for the 70s. It certainly isn't now.

Now you want to do all legitimate local privilege escalations via IPC.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: