Re: enabling setuid -- what's the security issue? and how to do it?
- From: Bennett Haselton <bennett@xxxxxxxxxxxxx>
- Date: Sun, 11 Nov 2007 08:01:34 -0800
On Nov 10, 10:01 pm, Keith Keller <kkeller-use...@xxxxxxxxxxxfrancisco.ca.us> wrote:
> On 2007-11-10, Bennett Haselton <benn...@xxxxxxxxxxxxx> wrote:
> > 1) If user X sets the setuid bit on their script, then that just means
> > when user Y runs the script, it runs with the permissions of user X
> > instead of Y. But this means that the absolute worst that Y could do,
> > would just be things that X would be able to do under their own
> > account anyway. So the worst risk is that you'll allow someone to do
> > things as you (delete your files, etc.) but you wouldn't be putting
> > anybody else's data at risk, would you? So shouldn't it just be X's
> > prerogative if they want to put their own stuff at risk by setting the
> > setuid bit on their script?
>
> Well, there are two issues: X can disclaim culpability for any security
> exploits created by his programs by claiming that someone else did it
> with his setuid script. If X happens to be root, things are that much
> worse.

I guess it depends on whether the admin is willing to hold X just as
responsible for things that were done under his account, as for things
that were done by X deliberately.
If not, then there are a myriad other excuses that X could use (stuck
their password to their monitor, saved it in a client program on their
computer that was then compromised by spyware, etc.) in addition to
"someone ran my setuid script".

> This is a webserver configuration issue: it sounds like the webserver is
> running in a chroot jail. There are certainly many ways of getting
> around this issue beyond running as setuid; either reconfigure the
> chroot environment to allow reading of the log files, or don't run the
> webserver in a chroot jail at all. Either of these is better than
> allowing setuid scripts. There are probably other workarounds too.

What is the settings file that I could edit to configure which
directories the webserver is allowed to read from (currently limited
apparently to /tmp and /var/www )?
-Bennett