LinuxQuestions.org

l_9_l 01-11-2002 05:27 AM

Inquiry about "suid"
 
Hi everyone..

I read that "Setting the suid for a program could possibly become a security hole in your system."

Q: Why may it become a security hole?

When we suid a program, any user can run it as effectively as root could run it, or will have root access privileges?
Please enlighten me!!

Thanks in advance..

bluecadet 01-11-2002 05:43 AM

well, it's dangerous as a user is able to run a program as root.

i'm not sure what the difference in your two situations is really... setting suid will run the program as the OWNER of the file, so not always root, but that's typically when it is used. the program is just passed the UID of the file owner rather than the person who executes it. And it's pretty clear that this can be extremely dangerous, such as just being able to turn a box off as non-root. it is possible for programs to ignore suid, but that's done very verbosely, and only generally done on security related progs, which will not run on suid at all.

unSpawn 01-11-2002 01:32 PM

"well, it's dangerous as a user is able to run a program as root."

Well... can't put it that black 'n white...
(some) apps that use setuid usually do this for a (somewhat) valid reason, and in some cases drop privileges when done doing stuff that needs the other uid. take for instance sendmail.
sendmail has to bind to port TCP/25 on startup. but only root can bind to ports < 1024. the config's "RunAsUser" function takes care of sendmail's privileges: after binding to TCP/25 it'll drop root uid and take on the uid of the "RunAsUser" var. *ok, ok there are other reasons to reconsider using sendmail instead of qmail etc etc.

Now take kermit (C-kermit version 7). kermit doesn't need setuid, but unfortunately is installed setuid root. several flaws in the kermit code exist where you could use extra supplied code, beyond the point of what the app checks, to execute *unchecked* code as the setuid user. this is an example of the kind of possible setuid abuse security texts would talk about.

*run a "find / -type f -perm -2000" and
"find / -type f -perm -4000" to review your s(gid,uid) installed apps.
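The review suggested above can be turned into a repeatable check. The script below is an added example, not part of any post in this thread: it inventories setuid and setgid files, separates setuid-root from setuid-to-another-owner (the program runs as the file's owner, as noted earlier in the thread), and reports anything missing from an allowlist. The function names and the allowlist file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: inventory setuid/setgid files and compare with an allowlist.
# Paths that contain newlines are not handled.

# audit_setid ROOT
# Prints "<kind><TAB><path>" per file; kind is setuid-root, setuid-other
# or setgid. A file with both bits set is printed once per bit.
# Three passes keep this portable to POSIX find: printf re-applies its
# format string to every path that find appends in place of {}.
audit_setid() {
    root=${1:-/}
    {
        find "$root" -type f -perm -4000 -user 0 \
            -exec printf 'setuid-root\t%s\n' {} +
        find "$root" -type f -perm -4000 ! -user 0 \
            -exec printf 'setuid-other\t%s\n' {} +
        find "$root" -type f -perm -2000 \
            -exec printf 'setgid\t%s\n' {} +
    } 2>/dev/null
}

# unexpected_setid ROOT ALLOWLIST
# ALLOWLIST (hypothetical file) holds one approved absolute path per line.
# Prints every setuid/setgid path that is not approved; exit status 0
# means at least one unexpected path was printed.
unexpected_setid() {
    audit_setid "$1" | cut -f2- | sort -u | grep -Fvx -f "$2"
}

# Runs only when called with two arguments, for example:
#   sh audit.sh / /etc/setid.allow
if [ "$#" -eq 2 ]; then
    unexpected_setid "$1" "$2"
fi
```

Build the allowlist once from a known-good install; a path that shows up later without being on the list (such as a tool that has no need for setuid) is the thing to investigate.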
