Which commands (in /bin & /usr/bin) must have set user ID (for root)

Ray Moody aij at k.cc.purdue.edu
Mon Oct 27 13:48:44 AEST 1986


>> What surprised me about the list Jim replied with was that most of the
>> commands were -rws......!  Why should a setuid command *ever* be
>> writeable? - it's just *inviting* attempts to find a bug and convince the
>> command to write over itself.
>
>First off, root can overwrite any file regardless of perms, yes/no?  Second,
>ever see "error:  text busy" ?  You cannot remove or write over a file that
>is running somewhere on the system (or, to be picky, has the sticky bit set
>and has been run)

    Anyway, if a setuid program overwrites itself, it is no longer setuid!
It says in the manual page for write (2):

     If the real user is not the super-user, then write clears
     the set-user-id bit on a file.  This prevents penetration of
     system security by a user who "captures" a writable set-
     user-id file owned by the super-user.

>> What irks me more, though, is that the "lp" commands all run setuid-lp
>> setgid-bin; this means that in a directory which lp can't access ( e.g. 700),
>> 	lp foo
>> fails, though
>> 	lp <foo
>
>then make lp suid root :-)

   There shouldn't be any smiley face here.  This is a perfectly reasonable
suggestion.  Just MAKE SURE IT CALLS ACCESS (2)!  Our lpr program runs setuid.

                                                      Ray Moody
                                                      ihnp4!pur-ee!pucc-s!aij
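
Added example, not part of the original post and not taken from any lp or lpr source: a C sketch of the access(2) check urged above for a setuid lp. It goes one step beyond the post by also opening the file under the real uid/gid, which is an assumption about how to close the gap between the check and the open; open_for_invoker is a hypothetical name.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* seteuid(), setegid() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* open_for_invoker() is a hypothetical helper name for this sketch.
 * Returns a read-only fd for a regular file that the REAL user may
 * read, or -1 with errno set. */
int open_for_invoker(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    struct stat st;
    int fd, err;

    /* The check the post asks for: access(2) tests the real uid/gid,
     * not the effective ids the setuid bit gave us. */
    if (access(path, R_OK) != 0)
        return -1;

    /* access() followed by open() leaves a gap in which the path can
     * change, so also open with the invoker's ids: the kernel then
     * repeats the permission check at open time. */
    if (setegid(getgid()) != 0 || seteuid(getuid()) != 0)
        abort();
    fd = open(path, O_RDONLY | O_NONBLOCK);
    err = errno;

    /* Regain the setuid identity held in the saved set-user-ID. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0)
        abort();
    if (fd < 0) {
        errno = err;
        return -1;
    }
    /* Spool regular files only (no devices, FIFOs or directories). */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}
```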



More information about the Comp.unix.wizards mailing list