Re: SUID shells...aaarrgghh
Joost Witteveen wrote:
>
> Note that this behaviour is new in bash-2.0 (1.4 didn't do it).
> I find it annoying, though. I don't really see the great advantage
> of this (it's _very_ easy to get around for hackers), and it makes it
> more difficult for me to become UID 7483 (no such user exists on my
> system, but say it does on a friendly nfs server).
> I used to be able to just do
> cp /bin/bash /tmp; chown 7483 /tmp/bash; chmod u+s /tmp/bash;/tmp/bash
> but now I have to use a different shell (and then type bash, cause I cannot
> use the other shell). Does anyone know of an easier way to become
> UID=7483?
It might be a nice idea to create an option for su, so that you could
type
su --uid 7483
This option does not currently exist, however.
You could look into the setuid command from the super package. With
that command you can say
setuid 7483 <command>
You can use this command in shell script `uidshell' like this:
------------------------------------------------------------------------
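#!/bin/bash
# Prompt loop: run each typed command as numeric uid $1 via setuid (super package)
while true; do
    echo -n "[uid = $1] "`pwd`" $ "
    read a || break    # leave the loop at end of input
    b=`echo $a | cut -d' ' -f1`
    # cd and exit only have an effect when run in this shell itself
    if [ "$b" = "cd" ] || [ "$b" = "exit" ]; then
        $a
    else
        setuid $1 $a
    fi
done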
------------------------------------------------------------------------
If you run this script as super user typing `uidshell 7483', you more or
less get what you want. The script could be much fancier of course, but
I think it beats the `copying bash' procedure for quick and dirty
operations.
Eric Meijer
--
E.L. Meijer (tgakem@chem.tue.nl) | tel. office +31 40 2472189
Eindhoven Univ. of Technology | tel. lab. +31 40 2475032
Lab. for Catalysis and Inorg. Chem. (TAK) | tel. fax +31 40 2455054