Gentoo Archives: gentoo-dev

From: Brian Harring <ferringb@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] /sbin /usr/sbin security hole
Date: Tue, 17 Jan 2006 14:10:31
Message-Id: 20060117140635.GA13008@nightcrawler.had1.or.comcast.net
In Reply to: [gentoo-dev] /sbin /usr/sbin security hole by "Paweł Madej"
On Tue, Jan 17, 2006 at 02:17:50PM +0100, Paweł Madej wrote:
> Hello,
>
> Today I've noticed that common users do not have /sbin and /usr/sbin dirs
> in their PATH but they can start all the tasks from those directories; for
> example on a server machine someone could make /sbin/shutdown and turn the
> server off. For me it is a very big security hole.

Just because a binary is accessible doesn't mean the user executing
it has the keys to the kingdom - the binary is executing under that
user, meaning the execution context can do only what the user can do.

This is why setuid can be problematic: it makes the binary execute
under the owner rather than the user calling it - non-root can execute with
root privs. Note also I said problematic - there are cases where this
is useful/needed (mount for example), it just has to be managed
carefully.

Either way... this isn't a security hole; would suggest you try
executing some of the bins - as stated in the other email, this isn't
an issue unless the user has gone and flagged those binaries setuid
(eg, user did something _really_ dumb).

Thread should move over to gentoo-user for further details on setuid
(after a bit of googling hopefully :)

~harring
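The point of the reply above is that the only binaries worth worrying about are the ones carrying the setuid bit. The following shell snippet is an added example (not part of the thread or of any Gentoo tool) that shows how to audit for exactly that case: `who_runs_it` reports whether a file runs as the caller or as its owner, `list_setuid` finds setuid-root files under a directory such as /sbin, and `demo_setuid_audit` exercises both on a constructed sandbox directory rather than on real system binaries. All function names, the temporary files and their modes are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the gentoo-dev thread. Uses only POSIX sh,
# test(1), find(1), ls(1) and awk(1) so it runs on most Unix systems.

# who_runs_it PATH -> prints "caller" when the file has no setuid bit
# (it executes with the invoking user's privileges), or "owner:<uid>"
# when setuid is set (it executes with the file owner's privileges).
who_runs_it() {
    if [ -u "$1" ]; then
        # third field of `ls -ln` is the numeric owner uid
        uid=$(ls -ln "$1" | awk '{print $3}')
        echo "owner:$uid"
    else
        echo "caller"
    fi
}

# list_setuid DIR -> regular files under DIR with the setuid bit set,
# one per line, sorted. Run against /sbin or /usr/sbin this is the
# check a sysadmin would do after reading the reply above.
list_setuid() {
    find "$1" -type f -perm -4000 2>/dev/null | sort
}

# demo_setuid_audit -> builds a constructed sandbox with one plain
# executable and one flagged 4755, then prints the audit results.
# Output lines: "<name> <who_runs_it result>", then a count line.
demo_setuid_audit() {
    tmp=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho hello\n' > "$tmp/plain"
    cp "$tmp/plain" "$tmp/flagged"
    chmod 0755 "$tmp/plain"    # ordinary executable: runs as caller
    chmod 4755 "$tmp/flagged"  # setuid bit: would run as owner
    for f in "$tmp/plain" "$tmp/flagged"; do
        printf '%s %s\n' "$(basename "$f")" "$(who_runs_it "$f")"
    done
    count=$(list_setuid "$tmp" | wc -l | tr -d ' ')
    printf 'setuid files found: %s\n' "$count"
    rm -rf "$tmp"
}

demo_setuid_audit
```

On a stock system, `list_setuid /sbin` and `list_setuid /usr/sbin` should come back empty or nearly so; anything that appears there is the "flagged those binaries setuid" case the reply describes and deserves a second look.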