On Fri, 14 Sep 2007, Andreas Schwab wrote: > Bodo Eggert <[EMAIL PROTECTED]> writes:
> > ~/tmp > cp /bin/sleep . > > ~/tmp > chmod u+s sleep > > ~/tmp > ./sleep 2147483647 & > > [1] 2823 > > ~/tmp > strace -p 2823 > > Process 2823 attached - interrupt to quit > > setup( > > You didn't change the owner, so this is not a setuid execution. I expected that, but I wanted to be sure before telling bull****. Besides that, if the suid program was owned by the suid-to user, that user could modify the binary in order to prepare a future attack. -- Top 100 things you don't want the sysadmin to say: 16. find /usr2 -name nethack -exec rm -f {}; - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/