Abuse SUID bit to run malicious code
- From: Tomás Ó hÉilidhe <toe@xxxxxxxxxxx>
- Date: Thu, 18 Dec 2008 10:15:49 -0800 (PST)
I was reading up on the SUID bit just there and something came to
mind.

On my own laptop, let's say I create a simple script something like:

    rm /sbin/ifconfig

I then get a USB stick and format it with ext2 and I copy the script
across to the USB stick. Then I do:

    sudo chown root:root /mnt/usbstick/my_script
    sudo chmod 777 /mnt/usbstick/my_script
    sudo chmod u+s,g+s /mnt/usbstick/my_script

Let's say I bring this USB stick to a computer lab. I mount the USB
stick on a workstation computer. Will I be able to run the script? If
not, why?

(I'm presuming that the script won't run. The only reason I think it
won't run is that it took me only a few seconds to come up with this
idea, and I figure the implementors of Linux are smarter than that,
but still I'd like to know the exact reason why it won't run)

I'd try this out myself for kicks but I haven't got a second computer
to play with.
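
A defender-side check related to the question above, added here and not part of the original post: it lists removable-media mount points that are mounted without the `nosuid` option, the mount option that makes Linux ignore set-user-ID and set-group-ID bits on that filesystem. The function names, the default prefixes and the sample mount table are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added example: report mounts where setuid/setgid bits would still be
# honoured, i.e. mounts whose option list lacks "nosuid".
# Input uses the /proc/mounts layout: device mountpoint fstype options dump pass

# Constructed sample mount table (not taken from a real system).
# The last line carries a made-up option "nosuidx" to show that options are
# compared as whole tokens, not as substrings.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
/dev/sdb1 /mnt/usbstick ext2 rw,relatime 0 0
/dev/sdc1 /media/safe ext2 rw,nosuid,nodev,noexec 0 0
/dev/sdd1 /media/nosuidx vfat rw,nosuidx 0 0
EOF
}

# suid_honoured_mounts FILE [PREFIX...]
# FILE is a mount table ("-" reads standard input). Prints every mount point
# at or below a PREFIX (default: /mnt /media /run/media) that lacks nosuid.
suid_honoured_mounts() {
    file=$1; shift
    [ $# -eq 0 ] && set -- /mnt /media /run/media
    awk -v prefixes="$*" '
    BEGIN { n = split(prefixes, p, " ") }
    {
        hit = 0
        for (i = 1; i <= n; i++)
            if ($2 == p[i] || index($2, p[i] "/") == 1) hit = 1
        if (!hit) next
        # Split the option field and look for the exact token "nosuid".
        m = split($4, o, ",")
        nosuid = 0
        for (j = 1; j <= m; j++) if (o[j] == "nosuid") nosuid = 1
        if (!nosuid) print $2
    }' "$file"
}

# Run against the constructed sample when executed directly.
sample_mounts | suid_honoured_mounts -
```

On a live Linux host the same function can be pointed at the kernel's own table with `suid_honoured_mounts /proc/mounts`.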