Re: setgid-wrapper

To: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Cc: "James Damour (Suvarov454)" <suvarov454@users.sourceforge.net>, Steven Augart <augart@watson.ibm.com>, debian-mentors@lists.debian.org, debian-devel@lists.debian.org
Subject: Re: setgid-wrapper
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: Wed, 19 May 2004 15:54:08 +0200
Message-id: <[🔎] 877jv8frpb.fsf@mrvn.homelinux.org>
In-reply-to: <[🔎] 20040519123330.GD10117@A-Eskwadraat.nl> (Jeroen van Wolffelaar's message of "Wed, 19 May 2004 14:33:30 +0200")
References: <[🔎] 1084278352.2373.35.camel@hovel.lepus.org> <[🔎] 20040511154001.GA27694@gwolf.org> <[🔎] 1084325832.2373.66.camel@hovel.lepus.org> <[🔎] 20040512041200.GA20232@gadek.homelinux.org> <[🔎] 40A90483.8020008@watson.ibm.com> <1084882531.2373.129.camel@hovel.lepus.org> <40AA09A1.8060802@watson.ibm.com> <[🔎] 1084967626.2373.141.camel@hovel.lepus.org> <[🔎] 20040519123330.GD10117@A-Eskwadraat.nl>

Jeroen van Wolffelaar <jeroen@wolffelaar.nl> writes:

> On Wed, May 19, 2004 at 07:53:46AM -0400, James Damour wrote:
>> On Tue, 2004-05-18 at 09:03, Steven Augart wrote:
>> > As you probably know, when a shell sees that it is running a setuid or 
>> > setgid shell script, it detects this because the euid and ruid or egid 
>> > and rgid are different.  It "fixes" this by setting the euid to be the 
>> > same as the ruid, and/or egid the same as the rgid, effectively 
>> > turning off the setuid/setgid bit.
>
> Huh? This is wrong. It is the kernel who refuses to set the UID or GID
> on execution of setuid/gid shell scripts.
>
> Where did you read that?

Could it be you mean bash droping the setuid/setgid bits when it is
set setuid/setgid? Thats a bash speciality preventing hackers to
setuid/gid bash as so many rootkits have done in the past.

MfG
        Goswin

Reply to:

Follow-Ups:
- Re: setgid-wrapper
  - From: "Grzegorz B. Prokopski" <gadek@debian.org>

References:
- ITA: filler - Simple game in Java
  - From: James Damour <jdamour@nycap.rr.com>
- Re: ITA: filler - Simple game in Java
  - From: Gunnar Wolf <gwolf@gwolf.cx>
- Re: ITA: filler - Simple game in Java
  - From: James Damour <jdamour@nycap.rr.com>
- Re: ITA: filler - Simple game in Java
  - From: "Grzegorz B. Prokopski" <gadek@debian.org>
- setgid-wrapper (was: Re: ITA: filler - Simple game in Java)
  - From: Steven Augart <augart@watson.ibm.com>
- Re: setgid-wrapper
  - From: James Damour <jdamour@nycap.rr.com>
- Re: setgid-wrapper
  - From: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>

Prev by Date: Re: release as a package or add to APTs file list?
Next by Date: unsubscribe
Previous by thread: Re: setgid-wrapper
Next by thread: Re: setgid-wrapper
Index(es):
- Date
- Thread