Re: SGID man

From: Henrik Nordstrom (hnoat_private)
Date: Thu Aug 05 1999 - 18:08:54 PDT

Next message: Jan B. Koum: "Re: Nifty DoS in Foundry networks gear."

Previous message: Luis M. Cruz: "vlock + magic SysRQ key"
Maybe in reply to: Solar Designer: "SGID man"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Isaac To wrote:

> But yes, it is ugly.  It might be better if any SGID program is also SUID
> nobody, and re-acquire real user privilege only when required.  But still,
> it is ugly.

That is not a viable approach unless the binary (and all other binaries
owned by nobody) also is immutable. If the binary isn't immutable and
someone finds a security breach in the program or one of the invoked
sub-programs then they can easily replace the binary with a custom one,
and if root (or another user) then runs this program in the beleif that
it is the original one...

--
Henrik Nordstrom

Next message: Jan B. Koum: "Re: Nifty DoS in Foundry networks gear."
Previous message: Luis M. Cruz: "vlock + magic SysRQ key"
Maybe in reply to: Solar Designer: "SGID man"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:11 PDT