On Mon, 17 Sep 2001, Aaron Konstam wrote:
> It seems like when you had a program like:
> main()
> { system ("cd /root; touch doit");
> }
>
> Which when compiled was owned by root and SUID; when you ran the program as a
> normal user the program owuld be changed to run as root.
>
> Am I crazy and that never worked or is there a change in the way RH
> 7.1 operates?
This is a change in bash 2.x (default shell ever since RH 7.0).
Since system() calls bash, this is the equivalent of a setuid shell
script, which isn't allowed.
If you want it to work, do
main()
{
setregid(0,0); setreuid(0,0);
system("cd /root; touch doit");
}
LLaP
bero
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
