supersuer by a normal user with chmod
Hi
On normal homedirs the owner of the files is the owner of the homedir. That
means he/she can alter the file permissions in the files he/she ownes (with
chmod)
I tested the following: As a normal user i crated a file in my homedir.
% touch test
I changed it to a exec file.
% chmod 700 test
No i set the superuser bit
% chmod +s test
It worked(!!!!!). That means that a user can download for example a BASH
binary and set the superuser bit for it ans has root privileges ??!!
Am i missing here something?
cheers,
Raffaele
--
Werden Sie mit uns zum "OnlineStar 2002"! Jetzt GMX wählen -
und tolle Preise absahnen! http://www.onlinestar.de
Reply to: