> > [set-uid theory] > OK, I understand the what you've said above, but give me an example. I have > seen what happens when /bin/su is not setuid, but WHY does it have to be > like that, and WHY does it do what it does when it's not setuid? I've seen > a lot of other binaries in this predicament: > [...]
why? well - i told, which power the set-uid root programs have. and that's the reason to make them set-uid at all. only root may change the user-id to an arbitrary value and thus change the identity (su, login). only root may mount. only root has direct network access (ping), etc. everything clear now? ;-) -- Hi! I'm a .signature virus! Copy me into your ~/.signature, please! -- Linux - the last service pack you'll ever need.