Setuid programs
Kartik Subbarao
subbarao at phoenix.Princeton.EDU
Sun Mar 18 05:29:25 AEST 1990
In article <1990Mar16.224120.24013 at aucs.uucp> 852028e at aucs.UUCP (Amari M. Elammari) writes:
>
>Does anybody know about any good references for:
>
> - How to write a setuid programs.
> - What are the security problems with suid programs.
> - Anything about suid programs...
>
a) Writing a SUID program is no different from writing a normal program. The
only difference is upon execution, the program will run as your userid
(i.e. have all privileges that you do). For example, if you wanted to write
a game, and wanted users to only have access to the high score list when
they played the game, you could make the game SUID to you, and simply write
to the file during the game. Also, /bin/su and other programs are setuid to
root, for need of permission. As to the mechanics of CREATING a suid program,
just do chmod u+s <filename> to give set user id, and chmod g+s to give set
group id. (Thats 4xxx and 2xxx for you octal fans.)
b) Security Questions - Quite a lot! You can perhaps think of many, as your
program has all of your privileges while being run. Please refer to Kochan
and Wood for more details as to how to design leak-proof setuid programs.
-Kartik
--
subbarao@{phoenix,bogey or gauguin}.princeton.edu - Internet
subbarao at pucc.princeton.edu - Bitnet
More information about the Comp.unix.questions
mailing list