According to Tomasz Wegrzanowski:
> > But the source might contain a buffer overflow exploit, or another
> > exploit. Yes, I wrote the code myself, and there is even a comment
> > in the code about running setuid in a special group. But in my experience
> > _every_ setuid program has at least one hole, no matter how careful
> > you are. Avoiding setuid programs (esp. setuid root) is important.
>
> shutdown accepts no user input as far as I know, so how can a user do a
> buffer overflow?

Well, if you really think that way, you are certainly _not_ the person
to make something setuid root. Do you follow BugTRAQ? Know about
l0pht security advisories? CERT? www.rootshell.com ?

Think of command line arguments, environment variables .. that's
all 'user input'

> Simple enough suid programs don't always have holes.

95% of them do, just because they are simple.

> > If you still consider doing this, at least 2 different experienced
> > people should audit the program you want to make setuid (shutdown)
> > to see if there are no security problems involved.
>
> Come here and find them.

Nope, I am not the person who wants to make shutdown setuid root,
and besides I am the author of shutdown so I am the last person
who should audit the code.

Mike.
-- 
First things first, but not necessarily in that order.
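The point in the message above that command line arguments and environment variables are user input, shown as an added example that is not part of the original message and not taken from the shutdown source: a privileged program replaces the inherited environment and bounds-checks every argument before using it. The function names, the 64-byte limit and the allowed character set are assumptions made for this sketch.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern char **environ;

#define MAX_ARG_LEN 64  /* assumed limit for this sketch */
#define ALLOWED "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789:+-"

/* Fixed environment that replaces whatever the caller exported. */
static char *clean_env[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };

/* Drop the inherited environment; returns 1 when only the fixed one remains. */
int scrub_environment(void) {
    environ = clean_env;
    return getenv("LD_PRELOAD") == NULL && getenv("PATH") != NULL;
}

/* 1 if arg is non-empty, at most MAX_ARG_LEN bytes, and only ALLOWED chars. */
int arg_is_safe(const char *arg) {
    size_t n = 0;
    while (n <= MAX_ARG_LEN && arg[n] != '\0') n++;  /* bounded length scan */
    if (n == 0 || n > MAX_ARG_LEN) return 0;
    return strspn(arg, ALLOWED) == n;
}

/* argv can be empty or hold NULLs: the caller of execve() controls it. */
int validate_args(int argc, char *const argv[]) {
    if (argc < 1 || argv == NULL || argv[0] == NULL) return 0;
    for (int i = 1; i < argc; i++)
        if (argv[i] == NULL || !arg_is_safe(argv[i])) return 0;
    return 1;
}

int main(int argc, char *argv[]) {
    if (!scrub_environment() || !validate_args(argc, argv)) {
        fputs("refusing to run: untrusted input rejected\n", stderr);
        return 1;
    }
    puts("arguments and environment accepted");
    return 0;
}
```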

