[kismac] Re: suid off
- From: Brad Knowles <brad@xxxxxxxxxxxxxxxxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Thu, 28 Apr 2005 21:06:07 +0200
At 10:53 PM +0800 2005-04-28, Robin L Darroch wrote:

> I know this is going a bit off-topic, but I'm curious to know why the
> SETUID bit is - in and of itself - a serious security risk.

It's not. But it does create the possibility for a huge and
easily exploited hole.

> Surely as
> long as the process in question is appropriately secure,

That's the hard part. It's tough enough to do with binary
programs written in languages like C. It's pretty much impossible to
"appropriately secure" a shell script.

> Looking at it a different way, how do "modern Unix systems" enable an
> ordinary user to achieve anything that would need admin permissions
> along the way?

MacOS X is a pretty modern Unix. In this particular respect,
they all do the same sorts of things, in the same way. But setuid
shell scripts have been problematic ever since the setuid bit concept
was created. On other modern Unixes, they usually don't make any
attempt to create setuid shell scripts anymore.

--
Brad Knowles, <brad@xxxxxxxxxxxxxxxxxxx>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
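
The distinction drawn in the message above, between setuid binaries and setuid shell scripts, can be checked on a system with a short audit. This is an added example, not part of the original post or of KisMAC; the function name `find_setuid_scripts` is hypothetical.

```shell
#!/bin/sh
# Added example: list files under a directory that carry the setuid or
# setgid bit AND are interpreter scripts (they start with "#!") rather
# than compiled binaries.

# find_setuid_scripts DIR   (hypothetical helper name)
# Prints one matching path per line. Paths containing newlines are not
# handled.
find_setuid_scripts() {
    dir=$1
    # -perm -4000 matches the setuid bit, -perm -2000 the setgid bit.
    # -xdev keeps the scan on the filesystem that holds DIR.
    find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # Read only the first two bytes and compare them as hex, so
        # binary files with NUL bytes cause no shell warnings.
        magic=$(dd if="$f" bs=2 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
        if [ "$magic" = "2321" ]; then    # 0x23 0x21 is "#!"
            printf '%s\n' "$f"
        fi
    done
}

# When run as a script with a directory argument, audit that directory.
if [ "$#" -gt 0 ]; then
    find_setuid_scripts "$1"
fi
```

Any path it prints is a candidate for replacing with a compiled helper or for clearing the bit with `chmod u-s,g-s`.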