How To Write a Setuid Program
- M. Bishop, “How To Write a Setuid Program,” Technical Report 87.18, Research Institute for Advanced Computer Science, NASA Ames Research Center, Moffett Field, CA 94035 (May 1985).
Setuid programs can pose a grave threat to UNIX systems because they explicitly violate the protection scheme designed into UNIX. However, setuid programs are often the only practical solution to problems of maintaining a fully functioning UNIX system. Because of this paradox, they are among the most difficult programs to write. This paper lists and discusses some simple rules for writing setuid programs that will decrease an attacker's ability to use such a program to compromise a UNIX system.