supersuer by a normal user with chmod

To: debian-user@lists.debian.org
Subject: supersuer by a normal user with chmod
From: Raffaele Sandrini <maturarbeit@gmx.ch>
Date: Wed, 25 Sep 2002 09:28:29 +0200 (MEST)
Message-id: <[🔎] 30117.1032938909@www16.gmx.net>

Hi

On normal homedirs the owner of the files is the owner of the homedir. That
means he/she can alter the file permissions in the files he/she ownes (with
chmod)

I tested the following: As a normal user i crated a file in my homedir.
% touch test

I changed it to a exec file.
% chmod 700 test

No i set the superuser bit
% chmod +s test

It worked(!!!!!). That means that a user can download for example a BASH
binary and set the superuser bit for it ans has root privileges ??!!

Am i missing here something?

cheers,
Raffaele

-- 
Werden Sie mit uns zum "OnlineStar 2002"! Jetzt GMX wählen -
und tolle Preise absahnen! http://www.onlinestar.de

Reply to:

Follow-Ups:
- Re: supersuer by a normal user with chmod
  - From: Vineet Kumar <debian-user@virtual.doorstop.net>
- Re: supersuer by a normal user with chmod
  - From: Tom Cook <tom.cook@adelaide.edu.au>

Prev by Date: Problem whit starting the debian "schoollinux 1.0"
Next by Date: Re: supersuer by a normal user with chmod
Previous by thread: Re: Problem whit starting the debian "schoollinux 1.0"
Next by thread: Re: supersuer by a normal user with chmod
Index(es):
- Date
- Thread