Akintayo Holder enscribed thusly:
> On numerous occasions I have seen references, telling me to set suid on
> some executable to root. I believe this would let the executable work as
> if it was started by root regardless of the user.
That's a pretty reasonable description... Close enough for horse
shoes and hand grenades... Modified by group and other execute permissions,
yeah, that's a close approximation.
> Now how do I set an executable to suid or whatever - there is no suid
> command is there?
Pardon my rudeness but this is like window shopping in a high
price store... If you have to ask the price, you really can't affort it.
To put it bluntly, if you aren't sure you know what it is, and you
don't know how to do it, why are you asking and what are you trying to do?
The reply is that this is so dangerous from a security point of view that
you probably don't really want to do this and you really don't fully
understand the implications.
If you screw up this program you can end up opening your entire
system to compromise, and it is VERY HARD not to screw this up. Secure
coding techiques are NOT an exact science, even though we do have good
rules to start from. Even if you DO follow all the secure coding rules,
changes are that some side effect or some unknown influence will cause
a security hole.
At one time some people were making games suid to some user id so
they could write to their score files. Strangely enough, when someone
discovered that some of these games had "shell escapes", random acts
of terrorism soon followed. Even if your program is not vulnerable, if
you are suid to root and you CALL another program, you make yourself
vulnerable to every hole in that program, even if that program was never
intended to be a security related program!
Linux, fortunately, prohibits suid scripts. A neat trick for scripts
was to create a symlink from them to a dash "-". When the shell sees it's
name begining with a dash, it tries to read the login profile script (.profile
or .login or some such). A little tampering with your local .profile and
BANG - instant root exploit. The shell script that was exploited never
even got run to begin with - the .profile ran before it and took control!
Now... If I haven't scared you, then you REALLY have no business
making anything suid to root. You need a healthy fear to keep from doing
stupid things with this 45. The alternative is shooting yourself in the
foot with it.
After all else... If you are still hell bent on stupid human tricks,
do "man chmod" and RTFM. If you can't figure it out from there - then DON'T
EVEN THINK ABOUT IT!
Unless you want to be the subject du-jur of a bugtraq article
(something like having 60 minutes waiting for you in your office at
work when you get in) do NOT do anything suid and then try and distribute
it! If you don't know what you are doing you are shortly going to be
toast. If you DO know what you are doing - it might take a little longer!
Software Engineer's Proverb:
Software engineering is a race between developers to create fool
proof programs and the universe to create bigger fools...
Developer's Proverb:
So far... The universe is winning...
> --
> If you don't stand for something, you will fall for anything
> Public Enemy
> RH5.2
> OUT OF ORDER Personal 17728385
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
