Re: supersuer by a normal user with chmod

2002-09-25 Thread Tom Cook

Supersuer bit?  Also known as the RIAA bit?

On  0, Raffaele Sandrini <[EMAIL PROTECTED]> wrote:
> Hi
> 
> On normal homedirs the owner of the files is the owner of the homedir. That
> means he/she can alter the file permissions on the files he/she owns (with
> chmod).
> 
> I tested the following: As a normal user I created a file in my homedir.
> % touch test
> 
> I changed it to an exec file.
> % chmod 700 test
> 
> Now I set the superuser bit
> % chmod +s test

No, you didn't.

> It worked(!). That means that a user can download for example a BASH
> binary and set the superuser bit for it and has root privileges ??!!
> 
> Am I missing something here?

Yes.  That is the setuid bit, not the superuser bit.  When an
executable with this bit set is executed, it executes with the uid of
the OWNER, not the superuser.  To make this setuid root you have to:

# touch test
# chmod 700 test
# chown root test
# chmod +s test

If you can do THAT then there is something wrong.

Tom
-- 
Tom Cook
Information Technology Services, The University of Adelaide

"Intellectual freedom is not the freedom to believe anything, but the freedom to 
believe only the truth."
- Dr. John Stott

Get my GPG public key: 
https://pinky.its.adelaide.edu.au/~tkcook/tom.cook-at-adelaide.edu.au





Re: supersuer by a normal user with chmod

2002-09-25 Thread Vineet Kumar

* Raffaele Sandrini ([EMAIL PROTECTED]) [020925 00:30]:
> I tested the following: As a normal user I created a file in my homedir.
> % touch test
> 
> I changed it to an exec file.
> % chmod 700 test
> 
> Now I set the superuser bit
> % chmod +s test
> 
> It worked(!). That means that a user can download for example a BASH
> binary and set the superuser bit for it and has root privileges ??!!
> 
> Am I missing something here?

Yes. =)

+s is the setuid bit, not the 'superuser bit' (there is no such thing).

man chmod, take a deep breath, and test that your u+s binary does not in
fact run with root privileges.

good times,
Vineet
-- 
http://www.doorstop.net/
-- 
#include <stdio.h>
int main() {
puts("Reader! Think not that \n"
 "technical information \n"
 "ought not be called speech;");
return 0;
}
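
The check suggested in the replies above, as an added example that is not part of the original thread: it replays the `touch` / `chmod 700` / `chmod u+s` steps in a scratch directory and reports which uid a setuid file would run as, then lists setuid files under a directory by owner. The function names `setuid_owner`, `audit_setuid` and `demo` are made up for this illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The setuid bit makes a program run
# with the uid of the file's OWNER, so only root-owned setuid files give root.

# setuid_owner FILE: print the owner's numeric uid if the setuid bit is set
# (status 0); status 1 if it is not set, 2 if the file cannot be listed.
setuid_owner() {
    ls -ldn -- "$1" 2>/dev/null | (
        read -r mode _links uid _rest || exit 2
        # 4th character of the mode string is 's' or 'S' when setuid is set
        case $mode in
            ???[sS]*) echo "$uid" ;;
            *) exit 1 ;;
        esac
    )
}

# audit_setuid DIR: list every setuid regular file under DIR, labelled with
# the uid it would run as. Root-owned ones are the files that confer root.
audit_setuid() {
    find "$1" -type f -perm -4000 2>/dev/null | while IFS= read -r f; do
        uid=$(setuid_owner "$f") || continue
        if [ "$uid" -eq 0 ]; then
            echo "ROOT $f"
        else
            echo "uid=$uid $f"
        fi
    done
}

# demo: repeat the steps from the thread as the current user and print the
# uid the resulting file would execute as.
demo() {
    dir=$(mktemp -d) || return 1
    touch "$dir/test"
    chmod 700 "$dir/test"
    chmod u+s "$dir/test"
    uid=$(setuid_owner "$dir/test")
    rm -rf "$dir"
    echo "$uid"
}

echo "file made setuid by uid $(id -u) would run as uid $(demo)"
```

Run as an ordinary user, both numbers printed are the same non-zero uid; `audit_setuid /usr/bin` shows the root-owned setuid programs an administrator would review.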





supersuer by a normal user with chmod

2002-09-25 Thread Raffaele Sandrini

Hi

On normal homedirs the owner of the files is the owner of the homedir. That
means he/she can alter the file permissions on the files he/she owns (with
chmod).

I tested the following: As a normal user I created a file in my homedir.
% touch test

I changed it to an exec file.
% chmod 700 test

Now I set the superuser bit
% chmod +s test

It worked(!). That means that a user can download for example a BASH
binary and set the superuser bit for it and has root privileges ??!!

Am I missing something here?

cheers,
Raffaele
