Possible to abuse SUID to do something malicious?
I was reading up on the SUID bit just there and something came to mind.
On my own laptop, let's say I create a simple script something like:
rm /sbin/ifconfig
I then get a USB stick and format it with ext2 and I copy the script across to the USB stick. Then I do:
sudo chown root:root /mnt/usbstick/my_script
sudo chmod 777 /mnt/usbstick/my_script
such chmod u+s,g+s /mnt/usbstick/my_script
Let's say I bring this USB stick to a computer lab. I mount the USB stick on a workstation computer. Will I be able to run the script? If not, why?
(I'm presuming that the script won't run. The only reason I think it won't run is that it took me only a few seconds to come up with this idea, and I figure the implementors of Linux are smarter than that, but still I'd like to know the exact reason why it won't run)
|