Re: [LI] dosemu from User login worked , What is SUID ?

[Rajesh Fowkar <rfowkar@xxxxxxxxxxxxxxx>]

Hi Vimal,

Thanks for the info. I tried the stuff told by you.

Setting a program as SETUID can be really dangerous. That means if dos/xdos
needs suid bit set then if you are on a network then it can create problems for
you. 

Why these programs can't run without suid set ?

Write now for me it would not make any difference since mine is a desktop pc. 

Rajesh

On Wed, 22 Dec 1999, vimal wrote:
> On Mon, 20 December 1999, Rajesh Fowkar wrote:
>  For security reasons.....
>  Just try out the following:
>  As root,
>   cp /bin/bash /tmp/a ; chmod +s /tmp/a
>  Now, as a normal user,
>   id ; /tmp/a
>  And then run "id" again...
>  You have escalated permissions to root. Bugs in an setuid program
> can result in a malicious user ending up as root. Programs running as
> root(like some daemons), or programs that can be started up as root
> (setuid root) are security problems.

-- 
Rajesh(ALIAS Shriram)
--------------------------------------------------------------------------------
How I Configured my SiS6215 Card ?Visit:http://geocities.com/rfowkar/linux.html

Web Site : http://geocities.com/rfowkar/      Email : rfowkar@xxxxxxxxxxxxxxx

"My interest is in the future because I am going to spend the rest of my
life there."     -Charles F. Kettering
--------------------------------------------------------------------------------

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.