Date: Mon, 4 Aug 1997 15:01:31 -0600 (MDT) From: Atipa <freebsd@atipa.com> To: Marc Slemko <marcs@znep.com> Cc: "Jonathan A. Zdziarski" <jonz@netrail.net>, ports@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: SetUID Message-ID: <Pine.BSF.3.91.970804145336.11294A-100000@dot.ishiboo.com> In-Reply-To: <Pine.BSF.3.95.970804142646.27439Q-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 4 Aug 1997, Marc Slemko wrote:
> You could. If you did, however, you would be silly.
>
> The wrapper you give allows anyone who can run it to do anything they want
> as the uid it is setuid to.
If you allow the shell script to be modified, yes. Otherwise, I can not
see how they could use the wrapper to execute anything but the script
hard coded therein. Am I being naive?
Set the permissions to 750, chown root.<special group>
And make sure the shell script is non world or group writable.
What's the vulnerablility?
Kevin
> > > -- cut here (wrapper.c) --
> >
> > #include <stdlib.h>
> > main()
> > {
> > execl("/etc/rc.WHATEVER","WHATEVER",NULL);
> > }
> >
> > -- end--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970804145336.11294A-100000>