Re: setgid-wrapper
On (19/05/04 13:14), Grzegorz B. Prokopski wrote:
> On (19/05/04 15:54), Goswin von Brederlow wrote:
> > Could it be you mean bash droping the setuid/setgid bits when it is
> > set setuid/setgid? Thats a bash speciality preventing hackers to
> > setuid/gid bash as so many rootkits have done in the past.
>
> No. Bash is not dropping any of its priviledges. If you want to give
> all users root access just set suid on /bin/bash ;-))
Hmm... As Steven pointed out in private mail, bash apparently *does*
drop the priviledges unless started with -p option. Might be that the
behavior has changed because I recall copying SUID bash around on an
Woody system and I don't think I had to pass any extra options for it to
work. I don't have root access to any woody system ATM, so can't test
it. In any case I was wrong and bash (at least currently) drops the
priviledges by default.
GBP
--
Grzegorz B. Prokopski <gadek@debian.org>
Debian GNU/Linux http://www.debian.org
SableVM - LGPLed JVM http://www.sablevm.org
Why SableVM ?!? http://devel.sablevm.org/wiki/WhySableVM
Reply to: