Mailinglist Archive: opensuse-security (206 mails)

Re: [suse-security] suid and suse 6.4
  • From: Eilert Brinkmann <eilert@xxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: 28 Jun 2000 23:28:21 +0200
  • Message-id: <xttsntxwl56.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
alex medvedev <alexm@xxxxxxxxxxx> wrote:

> alexm@quake:/ > ls -l sh
> -rwsr-xr-x 1 root root 387764 Jun 28 00:27 sh*
> alexm@quake:/ > ./sh
> alexm@quake:/ > id
> uid=1000(alexm) gid=100(users) groups=100(users)

Correct. The bash (sh is probably a copy of bash -- or of /bin/sh
which is a link to /bin/bash) resets the UID to the caller's.

> wasn't i supposed to get euid of root?
> or does suse's /bin/sh do some checks i am not aware of?

This is not SuSE specific. From `man bash':

    If the shell is started with the effective user (group) id
    not equal to the real user (group) id, [...] the effective
    user id is set to the real user id.

According to the man page it should be possible to disable this
security feature with the -p option, but this option seems not to
work.

Eilert
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik
eilert@xxxxxxxxxxxxxxxxxxxxxxxx - eilert@xxxxxxx - eilert@xxxxxxxxxxxxxx
http://www.informatik.uni-bremen.de/~eilert/
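
The check described in the man page passage quoted above, sketched in C as an added example (it is not bash's source and not part of the original mail). The function names and return codes are assumptions made for illustration; `privileged_mode` stands in for the -p case.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if started through a setuid/setgid binary (effective != real ids). */
int running_setid(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Unless privileged mode (the -p case) is requested, reset the effective
 * ids to the real ids, as the man page passage describes.
 * Returns 0 = nothing changed, 1 = privileges dropped, -1 = drop failed. */
int drop_setid_privileges(int privileged_mode)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid();

    if (!running_setid() || privileged_mode)
        return 0;

    /* Group first: once the uid is dropped, changing the gid may no
     * longer be permitted. Setting real and effective together also
     * replaces the saved id on Linux, so the drop is permanent. */
    if (setregid(rgid, rgid) != 0 || setreuid(ruid, ruid) != 0)
        return -1;

    /* Do not trust return codes alone: confirm the ids, and confirm an
     * unprivileged caller cannot switch back to the old effective uid. */
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    if (ruid != 0 && old_euid != ruid && seteuid(old_euid) == 0)
        return -1;
    return 1;
}

int main(void)
{
    printf("before: uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    int rc = drop_setid_privileges(0);
    printf("after:  uid=%d euid=%d rc=%d\n", (int)getuid(), (int)geteuid(), rc);
    return rc < 0;
}
```

Run from an ordinary account the function returns 0 because real and effective ids already match; the drop path is only taken when the binary itself carries the setuid or setgid bit.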
