|
DataMuseum.dkPresents historical artifacts from the history of: DKUUG/EUUG Conference tapes |
This is an automatic "excavation" of a thematic subset of
See our Wiki for more about DKUUG/EUUG Conference tapes Excavated with: AutoArchaeologist - Free & Open Source Software. |
top - metrics - downloadIndex: T s
Length: 1315 (0x523)
Types: TextFile
Names: »setuid«
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
└─⟦3da311d67⟧ »./cops/1.04/cops_104.tar.Z«
└─⟦6a2577110⟧
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
└─⟦6a2577110⟧ »./cops/1.04/cops_104.tar«
└─⟦this⟧ »cops_104/checkacct/setuid«
Files with the setuid ("set userid") or the setgid ("set group id") bit
set confer special permissions upon the user that runs them. If user "pat"
runs a program owned by user "terry" that has the setuid bit on, then user
"pat" can become user "terry" for the duration of that program. User "pat"
can access and write, erase, and alter all the files owned by "terry" during
the duration of that program. The example below shows the output of the
command "ls -Faslg rogue", where this file has the setuid bit turned on.
0 -rws------ 1 pat staff 0 Nov 11 22:51 rogue*
This works the same way for programs with the setgid bit on. The group
that owns them will be conferred upon anyone who runs the program. Here
is an example output of "ls -Faslg rogue" for a program with the setgid bit
on.
0 -rwx--S--- 1 pat staff 0 Nov 11 22:51 rogue*
You can use the command "ls -Faslg" to check and see if you have any setuid
or setgid files in your account. Unless you have a specific reason for having
them this way, you should consider turning off the setuid or setgid bit.
Chkacct will do this for you if you simply press RETURN/NEWLINE at the
prompt.
[Excerpted from "Guide to Account Security" -- Purdue Engineering Computer
Network (ECN) "No Name Newsletter" September 1991]