Re: central administration techniques
On Fri, Oct 19, 2001 at 06:33:43PM +0300, Juha J?ykk? wrote:
> > > 3. Break into one of the other machines, use the suided script to
> > ^^^^^^^^^^^^^
> > I can't answer your questions - I know too little. Just one remark:
> > AFAIK, Linux doesn't support suided shell scripts. At least it didn't do
> > that a few years ago when I tried to use a suided script. I haven't
>
> -> use C-code. Does not matter. I can code buffer overflow -proof
> routines for this simple stuff. Or just code a suid binary which runs
> the script and does nothing else.. An additional security hole there,
> though: I basically would have TWO suided programs now though crashing
> a program which only runs another should be impossible (unless the init
> routines can be crashed).
Only the C-wrapper should be SUID I think, and since it then already
runs as root, there's no need to set the SUID bit for the shell script
(it will just be ignored).
--
,-------------------------------------------.
> Name: Alson van der Meulen <
> Personal: alson@flutnet.org <
> School: alson@gymnasiumleiden.nl <
`-------------------------------------------'
Where's the DIR command?
---------------------------------------------
Reply to: