Re: RedHat Question

From: Roman Podshivalov <roman.podshivalov_at_gmail.com>
Date: Thu, 8 May 2008 09:18:46 -0400
Message-ID: <55f303590805080618n3f634fcbt1ea256ccaf3f22f7@mail.gmail.com>

Jared,

To run it with root privileges you have to have a SUID bit set and use setuid(geteuid) routine in your code. But If memory serves me correctly if you set it first before chown your script to root it'll disappear (just to prevent such a security hole). And once script belongs to root you cannot set SUID bit on it anyway 8-)

--romas

On 5/7/08, Jared Still <jkstill_at_gmail.com> wrote:
>
> On Tue, May 6, 2008 at 9:02 AM, Niall Litchfield <
> niall.litchfield_at_gmail.com> wrote:
>
>> Isn't this for both security and space management (quota) issues.
>>
>
> Allowing users to chown their files is definitely a security issue.
>
> Imagine if you could write a script, then 'chown root myscript.sh', and run
> it with root privileges?
>
> Re the quota issues, I hadn't thought of that one, but users could easily
> bypass
> quotas limits with chown.
>
>
> --
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
>

--
http://www.freelists.org/webpage/oracle-l

Received on Thu May 08 2008 - 08:18:46 CDT

This message: [ Message body ]
Next message: Martin Klier: "Re: Execution time in SHARED SERVER vs. DEDICATED SERVER (RAC 10gR2)"
Previous message: Goulet, Dick: "RE: another failed attempt at database independence"
In reply to: Jared Still: "Re: RedHat Question"
Next in thread: Jared Still: "Re: RedHat Question"
Reply: Jared Still: "Re: RedHat Question"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message