Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Jun 1997 17:38:12 -0400 (EDT)
From:      Adam Furman <afurman@delsol.sunfire.net>
To:        Ollivier Robert <roberto@keltia.freenix.fr>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: suid exploit (??)
Message-ID:  <Pine.BSF.3.96.970610173747.9530A-100000@delsol.sunfire.net>
In-Reply-To: <19970610214001.05348@keltia.freenix.fr>

next in thread | previous in thread | raw e-mail | index | archive | help
I also tried to run this script and the same thing was true for me.  It
had to be setuid root for it to work correctly.
Adam

Adam Furman    
Assistant System Administrator of United Computer Specialists
afurman@amf.net
Irc Admin of irc.ucs.net



On Tue, 10 Jun 1997, Ollivier Robert wrote:

> According to Yuang Shuang-Long:
> > 	I have a trouble that some users use the following prog. to get
> >   root privilege, and the more they do some destructive thing. (eg. 
> >   delete some file /var/log/* :-( ) I need your help...
> 
> I'm afraid I don't see how they can get root privs with this unless you
> have made it setuid root.
> 
> The following lines can't executed only by root to succeed. This is on
> 3.0-CURRENT. To my knowledge, setuid/setgid has always been restricted to
> root (unless you want to become yourself).
> 
> > 	if(setgid(pw->pw_gid) == -1)
> > 		perror("setgid");
> > 	if(setuid(pw->pw_uid) == -1)
> > 		perror("setuid");
> 
> -- 
> Ollivier ROBERT -=- FreeBSD: There are no limits -=- roberto@keltia.freenix.fr
> FreeBSD keltia.freenix.fr 3.0-CURRENT #18: Sun Jun  8 15:32:28 CEST 1997
> 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970610173747.9530A-100000>