[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setgid-wrapper

On (19/05/04 13:14), Grzegorz B. Prokopski wrote:
> On (19/05/04 15:54), Goswin von Brederlow wrote:
> > Could it be you mean bash droping the setuid/setgid bits when it is
> > set setuid/setgid? Thats a bash speciality preventing hackers to
> > setuid/gid bash as so many rootkits have done in the past.
> No.  Bash is not dropping any of its priviledges.  If you want to give
> all users root access just set suid on /bin/bash ;-))

Hmm... As Steven pointed out in private mail, bash apparently *does*
drop the priviledges unless started with -p option.  Might be that the
behavior has changed because I recall copying SUID bash around on an
Woody system and I don't think I had to pass any extra options for it to
work.  I don't have root access to any woody system ATM, so can't test
it.  In any case I was wrong and bash (at least currently) drops the
priviledges by default.


Grzegorz B. Prokopski <gadek@debian.org>
Debian GNU/Linux      http://www.debian.org
SableVM - LGPLed JVM  http://www.sablevm.org
Why SableVM ?!?       http://devel.sablevm.org/wiki/WhySableVM

Reply to: