10-02-2015
Can you gain root privileges if the suid program does not belong to root?
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi guys...
how can a root assign a user all or most of the root privileges?
is sudoer comand enough 4 this?
thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies
2. Programming
Hi
I have make a program that needs root privleges but any user can try to run it, so what I want it is, when any user tries( other than root ) to run the program, an input prompt would open to enter root password ( if user knows ) and program will run ( otherwise exit ), and after completing... (21 Replies)
Discussion started by: sumsin
21 Replies
3. Solaris
Hi, I've just managed to install openssh in my home directory on a server I have access to by using --prefix=$HOME/local after ./configure. Another thing I was having trouble with without root access was privilege separation, so I disabled that in my sshd_config. However, when I run... (10 Replies)
Discussion started by: sayeo
10 Replies
4. UNIX for Dummies Questions & Answers
Hello,
As admin with root rights, to execute any command from another user without password-ask, I do : su - <user> -c "<cmd>"
But how can I do to give the same rights to another physical user without using root user ? :confused:
I've try to create another user "toor" with the same primary... (4 Replies)
Discussion started by: madmat
4 Replies
5. Linux
Hi,
Is it possible to grant root privileges to an ordinary user?
Other than 'sudo', is there some way under Users/Groups configuration?
I want ordinary user to be able to mount, umount and use command mt.
/Brendan (4 Replies)
Discussion started by: brendan76
4 Replies
6. Shell Programming and Scripting
My English is no very good.
I must make a bash scripting sh create like a backdoor, and when execute the script a user without privileges convert in super user or root, whithout introducing the password.
In Spanish:
Crear un script que sirva como puerta trasera al sistema, de manera que al... (1 Reply)
Discussion started by: kitievbr
1 Replies
7. Solaris
Hello
I am a new (and only) administrator of a Solaris 10 environment. The previous admin gave me a use (say user123) that is supposed to have administrative privileges.
Now the problem is, the user does not have this privilege! Here is what i tried so far:
$ id
uid=109(user123) gid=1(other)... (3 Replies)
Discussion started by: abohmeed
3 Replies
8. HP-UX
hi,
i am new in hp ux and i must create a user with root privileges and so i disable ssh connection from root login.
thanks.. (6 Replies)
Discussion started by: eliste
6 Replies
9. UNIX for Dummies Questions & Answers
Hey guys,
Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.
However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by... (2 Replies)
Discussion started by: syncmaster
2 Replies
10. Infrastructure Monitoring
Hi guys,
I am currently managing an application running on around 150 servers.
I only have application usage rights on those servers and do not have any root privileges.
I have an external node that can connect to those servers and I have root privileges on that one box.
I want to setup... (2 Replies)
Discussion started by: Junaid Subhani
2 Replies
LEARN ABOUT PLAN9
captest
CAPTEST:(8) System Administration Utilities CAPTEST:(8)
NAME
captest - a program to demonstrate capabilities
SYNOPSIS
captest [ --drop-all | --drop-caps | --id ] [ --lock ] [ --text ]
DESCRIPTION
captest is a program that demonstrates and prints out the current process capabilities. Each option prints the same report. It will output
current capabilities. then it will try to access /etc/shadow directly to show if that can be done. Then it creates a child process that
attempts to read /etc/shadow and outputs the results of that. Then it outputs the capabilities that a child process would have.
You can also apply file system capabilities to this program to study how they work. For example, filecap /usr/bin/captest chown. Then run
captest as a normal user. Another interesting test is to make captest suid root so that you can see what the interaction is between root's
credentials and capabilities. For example, chmod 4755 /usr/bin/captest. When run as a normal user, the program will see if privilege esca-
lation is possible. But do not leave this app setuid root after you are don testing so that an attacker cannot take advantage of it.
OPTIONS
--drop-all
This drops all capabilities and clears the bounding set.
--drop-caps
This drops just traditional capabilities.
--id This changes to uid and gid 99, drops supplemental groups, and clears the bounding set.
--text This option outputs the effective capabilities in text rather than numerically.
--lock This prevents the ability for child processes to regain privileges if the uid is 0.
SEE ALSO
filecap(8), capabilities(7)
AUTHOR
Steve Grubb
Red Hat June 2009 CAPTEST:(8)