chmod g+s file
am 12.04.2008 20:52:58 von Gert Cuykenswhen i do
chown gert:root file
chmod 777 file
chmod g+s file
does gert have root permissions when executing the file ?
when i do
chown gert:root file
chmod 777 file
chmod g+s file
does gert have root permissions when executing the file ?
On Sat, 12 Apr 2008 11:52:58 -0700, gert wrote:
> when i do
>
> chown gert:root file
> chmod 777 file
> chmod g+s file
>
> does gert have root permissions when executing the file ?
Unfortunately, there are multiple things called "root" in *ix. There's
the root user, sometimes the root group, the base of the filesystem
hierarchy, the root user's home directory which is often "/root"...
If you do the above:
1) Your process should run with the permissions of the root group, not
the root user
2) Other people on the same system may find it considerably easier to run
commands in the root group, which may in turn make it considerably easier
to get root permission.
I'd suggest making the file 755 for starters, not 777. And if you want
to make a setgid shell script, you might want to point that out here -
there are folks here who can help you do it more securely.
If you don't care because this is a singleuser box... may it remain so
and without a networked filesystem.
On 2008-04-12, gert
> when i do
>
> chown gert:root file
> chmod 777 file
> chmod g+s file
>
> does gert have root permissions when executing the file ?
gert has the permissions of the root group while executing the
file. However, since the root group doesn't have have any
special properties (unlike the root user), and very few files
grant special access to the root group, this isn't likely to
get you very much. Note that gert can change file to root
group ownership only if he is *already* a member of the root
group, so he's also not getting anything he didn't have before
anyways.
--
Christopher Mattern
NOTICE
Thank you for noticing this new notice
Your noticing it has been noted
And will be reported to the authorities
gert
> when i do
>
> chown gert:root file
> chmod 777 file
> chmod g+s file
>
> does gert have root permissions when executing the file ?
Is it a shell script?
AFAIK Linux does not support setuid/setgid shell scripts.
ok thanks all :)