FP & FreeBSD Revisited...

Fairlight fairlite at fairlite.com
Wed Jan 5 15:39:40 PST 2005


When asked his whereabouts on Wed, Jan 05, 2005 at 03:37:44PM -0600,
Chad McWilliams took the fifth, drank it, and then slurred:
> 
> When using the system command from within filepro, to run another
> filepro process, the second process would run as filepro, not the logged
> in user.  Subsequently, any records created in the second process would
> show filepro as the creator, not the user.
> 
[snip]
> 
> P.S. To me the way the SYSTEM command behaves under *bsd is a security
> risk.  If a user were to somehow get to a shell prompt while "SYSTEMed"
> out, they would be able to do anything the filepro user would be able
> to, including deleting the filepro files.  This is in stark contrast to
> the way SYSTEM behaves under SCO.  I'm sure most of you realize this,
> but I thought I would mention it for those it wasn't obvious to.

I beg to differ.  I realise no such thing, as it's not technically
accurate.  

On SCO 5.0.6, fP 5.0.7D4:

@once::system "vi /tmp/blipper":
::end:

$ ls -l /tmp/blipper
-rw-------   1 filepro  group          5 Jan  5 18:33 /tmp/blipper

You're dead wrong.  It's -always- worked this way on SCO.  The only
difference I've ever seen is on linux with bash2, where bash drops EUID by
default, and you're stuck as the normal user.  

SCO has had SYSTEM commands running as the SUID user since time immemorial.
Well, for my part I can remember it back to 3.2.4.0.

mark->
-- 
Bring the web-enabling power of OneGate to -your- filePro applications today!

Try the live filePro-based, OneGate-enabled demo at the following URL:
               http://www2.onnik.com/~fairlite/flfssindex.html


More information about the Filepro-list mailing list