Re: chpasswd

From: Stachu 'Dozzie' K. (
Date: 08/24/04

Date: Tue, 24 Aug 2004 12:38:43 +0000 (UTC)

On 2004-08-23, Kevin Rodgers wrote:
> Stachu 'Dozzie' K. wrote:
> > No, you understand it incorrectly. SUID bit *never* affects scripts,
> > only binaries (it's small simplification, try searching for suid-perl).
> That must depend on the OS, as I've used setuid and setgid scripts
> successfully (on SunOS/Solaris). But they were not owned by root.

Heh, good to know. Thanks.

> > It's security reason.
> I don't think setuid scripts are a security issue in general, just
> setuid root scripts.

I agree. All setuid executable files are a potential security risk, even
"stupid" ping.

Stanislaw Klekot