Apr 18, '05 10:02:00AM • Contributed by: TrumpetPower!
Files with the SUID bit set are run with the permissions of the owner of the file, not the person running it; ones with the SGID bit run with the file's group. The bits are mostly used for things like the traditional Unix passwd command which lets a user change her password. It solves the dilemma of how to let just anybody modify the master password list, but only in a very carefully controlled manner. Apple says they don't ship any files in the BSD subsystem with either bit set, so, as a security precaution, they've completely disabled this functionality. I can confirm this; I did a quick test before and after applying the update.
As I said, you probably won't be affected by this. You only would be if you've installed some software -- probably through DarwinPorts or Fink -- that depends on this feature. How can you know for certain? Simple. In the Terminal, try this:
sudo find / -perm +6000 -exec ls -lf {} \;
On my system, I do find a few files, including some from Apple, some from Fink, and the usual raft of Unix stuff (ps, dump, ping, route, etc.). But nothing seems obviously broken, so I don't plan to worry. You probably shouldn't, either. But maybe somebody out there should...
