On Mon, Jan 15, 2001 at 02:20:48PM -0500, Bob Bernstein wrote: > I'm trying to understand the suid bit. So I created a little script to list > a file that I don't as a normal user have permission to read, namely > /var/log/user.log. Here's the data, starting with the permissions on > user.log: > > $ ls -l /var/log/user.log > -rw-r----- 1 root adm 2838 Jan 15 13:39 /var/log/user.log > > Here's my little script "sutest", and its permissions, followed by the > results of executing it: > > $ less sutest > #! /bin/bash > echo "does this work?" > less /var/log/user.log > > $ ls -l sutest > -rwsr-xr-x 1 root root 59 Jan 15 13:28 sutest > > $ ./sutest > does this work? > /var/log/user.log: Permission denied > Suid shell scripts don't work. Big security problem.. :)
Cliff
