LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 10-13-2005, 05:15 AM   #1
mickyg
Member
 
Registered: Oct 2004
Location: UK
Distribution: Ubuntu/Kubuntu
Posts: 245

Rep: Reputation: 30
Running super user commands as normal user


Hi all, I assume this is the right place for this:

I'm running SuSE 9.3 Pro and found that an application/command residing in an sbin (/sbin, /usr/sbin, etc) directory (which as I understand it holds the super users applications/commands and shouldn't be able to be run by a normal user without su-ing) can be run simply by typing to full path to the command.

Doing an "ls -l /sbin" gives me the "-rwxr-xr-x" for the application/commands.

My question is, should this be possible? Surely this impacts the security on the system if any user can simply do "whereis xxx" and the "/sbin/xxx" for example. If that makes sense.

I have also found this is possible on knoppix-std. I haven't tried it out on other distros but will when I get the chance.
 
Old 10-13-2005, 05:33 AM   #2
mcosta
Member
 
Registered: Jan 2005
Location: Spain
Distribution: Debian
Posts: 44

Rep: Reputation: 15
If you simply want the users can exec xxx located in /sbin without typing the full path what you want is in the PATH variable. Just type in a shell

$ echo $PATH

To see its value. To modify it:

$ export PATH=/sbin:/usr/sbin:$PATH

If you want people can exec things as root without su'ing: sudo. Look "man sudo" and "man sudoers"
 
Old 10-13-2005, 07:33 AM   #3
mickyg
Member
 
Registered: Oct 2004
Location: UK
Distribution: Ubuntu/Kubuntu
Posts: 245

Original Poster
Rep: Reputation: 30
Thankyou for your reply but that's not my question. I'm aware of the sudoer's file and I know about the PATH environment variable, my question is should a normal user be able to execute something in an sbin folder? And if so, what's the point of having the sbin folder??

Doesn't this pretty much make the need to su redundant? Allowing a normal user to do this seems to be a security issue to me.

Last edited by mickyg; 10-13-2005 at 07:38 AM.
 
Old 10-13-2005, 08:05 AM   #4
dracolich
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 1,173

Rep: Reputation: 47
Whenever I have tried executing a command from /sbin as a normal user (e.g. ifconfig, mount route) it prints a message "only root can do that." So even though the users can see the path to the files and permissions seem to allow users to access them, only root can execute them.
 
Old 10-13-2005, 08:18 AM   #5
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 53
Quote:
Originally posted by mickyg

My question is should a normal user be able to execute something in an sbin folder? And if so, what's the point of having the sbin folder??

Doesn't this pretty much make the need to su redundant? Allowing a normal user to do this seems to be a security issue to me.
If a user wants to run a file located in /sbin, he just has to get the source file and compile it in his directory. Or he can bring it from a usbstick or even download the binary directly to a directory he has access, so locking the sbin doesnt change a lot.

There are different levels of security:

If he wants to run /sbin/ifconfig, it will be ok. There is no real sensitive info here and he can also get it from /proc (on some distros)

Some files in /sbin don't have the x bit , so he will not manage. He will if he download the binary.

Some files in /sbin checks at the beginning if the user is root , so he won't manage, he can change the source and recompile.

For commands accessing sensitive resource, then the user needs access to this resource (/dev,/proc..)

When you su, you become superuser then you have access to these ressource,...

/sbin has superuser utilities , vital for the boot process.
http://www.pathname.com/fhs/
 
Old 10-14-2005, 08:25 PM   #6
mickyg
Member
 
Registered: Oct 2004
Location: UK
Distribution: Ubuntu/Kubuntu
Posts: 245

Original Poster
Rep: Reputation: 30
Quote:
Whenever I have tried executing a command from /sbin as a normal user (e.g. ifconfig, mount route) it prints a message "only root can do that." So even though the users can see the path to the files and permissions seem to allow users to access them, only root can execute them.
Doesn't do that for me. mount is in /bin, route and ifconfig are in /sbin but typing the full path allows me to run them. I haven't tried to do anything fancy, just typing /sbin/ifconfig and /sbin/route.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem in running the command as a normal user junaid18183 Linux - General 2 06-25-2005 07:27 AM
problem running stormpkg as normal user drrnsk8ter4 Linux - Software 0 04-24-2004 02:15 AM
normal user running shutdown cblamer Slackware 6 12-21-2003 09:44 PM
running ethereal as a normal user tangle Linux - Software 1 02-04-2003 10:35 PM
normal user = super user jayakrishnan Linux - General 4 03-19-2002 10:58 AM


All times are GMT -5. The time now is 12:57 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration