Gentoo Archives: gentoo-user

From: "J. Roeleveld" <joost@××××××××.org>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Risks of making traceroute suid root
Date: Thu, 11 May 2017 04:56:11
Message-Id: 032A1A84-C15E-4C0C-9D9E-044C09DABD83@antarean.org
In Reply to: [gentoo-user] Risks of making traceroute suid root by Adam Carter
On May 11, 2017 1:49:05 AM GMT+02:00, Adam Carter <adamcarter3@×××××.com> wrote:
>I want to allow some fairly well trusted users the ability to do traces
>with icmp. I can give them sudo, but how high is the risk of making
>traceroute suid root? AFAIK making text editors or anything that has an
>ability to run shell commands suid root is effectively giving them root
>access, but other than exploiting vulnerabilities in traceroute itself,
>are there any other issues?

Vulnerabilities in applications can always be exploited. Traceroute (and similar) are not written with the idea of making it super secure.
I also once heard that it was possible to abuse a random suid program to gain a root shell. Not sure if that is (still) true. I never saw evidence for it, but with the push to use sudo instead of suid-root, I wonder how well that part is being tested.

If I had to give some power users access to traceroute, I would allow them to use "sudo traceroute". Or fix it so they can run traceroute from their own accounts without the use of suid.

--
Joost
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Replies

Subject Author
Re: [gentoo-user] Risks of making traceroute suid root John Runyon <me@×××.im>