I've discovered something interesting.
# cp /bin/bash /tmp
# chmod u+s /tmp/bash
$ /tmp/bash
$ whoami
karlheg
# cp /usr/bin/zsh /tmp
# chmod u+s /tmp/zsh
$ /tmp/zsh
# whoami
root
Perhaps we should have a policy that says all of our shells should
follow the Bash behaviour?
Karl == Karl M Hegbloom [EMAIL PROTECTED] writes:
Karl Perhaps we should have a policy that says all of our shells
Karl should follow the Bash behaviour?
This would help a *tiny* bit, but there are many many programs other
than shells that will wreak havoc if they're made set-uid.
2 matches
Mail list logo