From owner-freebsd-questions Mon Sep 24 19:22: 5 2001 Delivered-To: freebsd-questions@freebsd.org Received: from home.com (c1737881-a.plano1.tx.home.com [65.10.46.29]) by hub.freebsd.org (Postfix) with ESMTP id 54D8537B425 for ; Mon, 24 Sep 2001 19:21:59 -0700 (PDT) Received: (from mcbrune@localhost) by home.com (8.11.6/8.11.4) id f8P2LhK06485; Mon, 24 Sep 2001 21:21:43 -0500 (CDT) (envelope-from mcbrune) From: mcbrune Message-Id: <200109250221.f8P2LhK06485@home.com> Subject: Re: chmod In-Reply-To: <3BAFE35F.543E141A@home.com> To: cyu0635@home.com Date: Mon, 24 Sep 2001 21:21:43 -0500 (CDT) Cc: Odhiambo Washington , "freebsd-questions@FreeBSD.ORG" X-Mailer: ELM [version 2.4ME+ PL92 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Well, that depends... As a general rule, if SUID does not need to be set, as in the example below, then do not set it. Sometimes the SUID needs to be set, as in /usr/bin/passwd, which allows people to change their password. The security hazard is when someone has executed the program with SUID, a person can try to overflow the buffer and either get a shell or execute some code as the owner of the program. Hope this clears some things up. Corey > Hi > > Is it any security problem? Please teach me. > > Many thanks > > > Odhiambo Washington wrote: > > > * mcbrune [20010924 05:37]: writing on the subject 'Re: chmod' > > | It sets the SUID bit on the file. This will allow the executable to be run as > > | the owner of the file. You can read the man page on chmod for more info. > > | > > | > > | Corey > > | > > | > Hi all > > | > > > | > What is the meaning of the figure '4'? > > | > > > | > > > | > chmod 4755 /usr/sbin/sendmail > > | > > > | > Many tks > > > > Hmm, why did you do it? ;-) > > > > -Wash > > > > -- > > Odhiambo Washington > > Wananchi Online Ltd., > > wash@wananchi.com 1st Flr Loita Hse. > > Tel: 254 2 313985 Loita Street., > > Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE. > > > > It is always good policy to tell the truth unless of course you are an > > exceptionally good liar. > > -Jerome K. Jerome > > (contributed by Chris Johnston) > > > > ------------------------------------------------------------------------ > > Part 1.2Type: application/pgp-signature > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message