Re: No Root Shell with SUID /bin/bash
From: Peter Pan (email@example.com)
Date: Thu, 25 Apr 2002 10:49:06 +0200 (CEST)
From: Peter Pan <firstname.lastname@example.org>
To: Denis.Ducamp@hsc.fr, styx@SuxOS.org

Some comments on the comments:
Johannes is of course right. If there were an
exploitable flaw in an implementation of a function,
then it would be better not to have an effective uid
But you can't drop root privileges and then regain
them (as Johannes proposed) with setuid. You need the
(non-POSIX, BSD) seteuid for managing a task like
Denis, the difference between sudo and the small C
program is that the C program doesn't need an
/etc/sudoers file (which could be deleted by an
attacker) or something similar for authentication.
There are many things that can be improved, maybe
choosing a hash function which is even more time
consuming than MD5 and due to this more resistant to
wordbook-attacks and enumeration of passwords.
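
The setuid/seteuid distinction drawn in the message above, as an added example that is not part of the original post: each experiment runs in a forked child, drops from root to an unprivileged uid, and then tries to get uid 0 back. The uid 65534 and all function names are assumptions made for illustration; run without root, both experiments report that they were skipped.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DEMO_UID 65534 /* assumed unprivileged uid ("nobody" on many systems) */

enum { REGAINED = 0, LOCKED_OUT = 1, SKIPPED = 2 };

/* Temporary drop: seteuid() changes only the effective uid. The real and
 * saved uids stay 0, so a later seteuid(0) is still permitted. */
static int temporary_drop(uid_t uid) {
    if (geteuid() != 0 || seteuid(uid) != 0) return SKIPPED;
    return seteuid(0) == 0 ? REGAINED : LOCKED_OUT;
}

/* Permanent drop: setuid() called while privileged sets the real, effective
 * and saved uid together, so no later call can restore uid 0. A real program
 * would also call setgroups() and setgid() before this point. */
static int permanent_drop(uid_t uid) {
    if (geteuid() != 0 || setuid(uid) != 0) return SKIPPED;
    /* Verify the drop by trying to undo it; both attempts must fail. */
    if (seteuid(0) == 0 || setuid(0) == 0) return REGAINED;
    return LOCKED_OUT;
}

/* Run one experiment in a child so the caller keeps its own credentials. */
int run_isolated(int (*experiment)(uid_t), uid_t uid) {
    int status;
    pid_t pid = fork();
    if (pid < 0) return SKIPPED;
    if (pid == 0) _exit(experiment(uid));
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return SKIPPED;
    return WEXITSTATUS(status);
}

int main(void) {
    static const char *label[] = {
        "root regained", "root not regainable", "skipped (needs root)"
    };
    printf("seteuid drop: %s\n", label[run_isolated(temporary_drop, DEMO_UID)]);
    printf("setuid drop:  %s\n", label[run_isolated(permanent_drop, DEMO_UID)]);
    return 0;
}
```

A setuid helper that only needs root for one step would use the temporary form around that step and the permanent form, followed by the regain check, before handing control to anything else.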