[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Set user ID on execution



On Sun, Apr 02, 2000 at 06:30:08PM -0400, Brian Clark wrote:
[[explanation of "what suid is" snipped]]
> 
> OK, I understand the what you've said above, but give me an example. I have 
> seen what happens when /bin/su is not setuid, but WHY does it have to be 
> like that, and WHY does it do what it does when it's not setuid? I've seen 
> a lot of other binaries in this predicament:

/bin/su, /bin/login, and other programs like that have to be suid root
because they need access to the /etc/password and /etc/shadow files to
be able to authenticate you.

Other programs, like ping and traceroute, need to do special things with
the network that isn't allowed to any user besides root (because if
users could do these things, they could do all sorts of nasty stuff).

I'm not sure about mount, but it seems to need root permission to be
able to tell the kernel to mount/umount a filesystem (if i understand
these sources correctly... ;)


-- 
  finger for GPG public key.

Attachment: pgp4HHUaZ5b0g.pgp
Description: PGP signature


Reply to: