Re: suid script
[...]
> the executable (bash, whatever) opens the file
> it closes it
> it changes uid/gid to reflect suid status -> so it becames root or whatever
> it reopens it
> and executes it
>
> problem: you can change the content of the file between the two !!
> so you can have your script, running as root, executing whatever you want !!
So that's the problem with SUID scripts. Seems to me
it could be solved by *not* closing the script file, just keep it
open. Why can't that be done?
It can't be possible, or someone would surely have fixed it
a long time ago?
Helge Hafting
Reply to: