[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Another system management tool to disappear.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Aug 29, 2015 at 08:30:58PM -0400, Gene Heskett wrote:

[...]

> Installed it, suid problems:
> 
> gene@coyote:~$ busybox su amanda
> su: must be suid to work properly
> gene@coyote:~$ busybox su -
> su: must be suid to work properly
> 
> Is it still finding the system su first?

No: It's telling you that it can't honour your request unless the
executable has the setuid bit set. This is the magic by which all
of this works, anyway.

This is easy to achieve (chmod u+s /bin/busybox). BUT you should
stop for a minute and think of the consequences. If busybox has
a vulnerability, then anyone capable of invoking it can achieve
root. Pick your poison :-)

- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlXiwY4ACgkQBcgs9XrR2kaV2ACcDOWyczzXhZLvCcvw6JroncI6
6Z4An3Nt+HgAMHmRjuccBtK7Z3VLguwC
=+3BQ
-----END PGP SIGNATURE-----
Reply to: