Magnus Hagander wrote:
>>>How is this different from the fact that the superuser can
>>>already use COPY to accomplish the same thing?
>>
>>COPY can accomplish a few of the same things, much less
>>conveniently (for instance, it's darn hard to write an
>>arbitrary binary file through COPY).
>>
>
>Right. But the *security* problem is more or less equal. If somebody
>hacks your superuser account, they can make at least almost the same
>amount of damage. It may take a little more work, but if you just want
>to kill the system by overwriting files, or overwriting say the password
>file, it's just as easy. And if what you want to do is stick some kind
>of executable on the system, you can just wrap it in a shellscript that
>will unpack it.
>
It could be argued that there should be provision for a limitation on
the locations in which COPY can write (and maybe read) files.
If COPY is a security hole then we should close it, not use that as
precedent to open another hole.
cheers
andrew