Re: Of mice and men

From: "Richard" <riplin@xxxxxxxxxxxx>
Date: 6 May 2005 12:32:29 -0700

> So what does chmod do? Or do you somehow disable that from working?

Someone can only chmod or chown files that they have permission to do
so. So one can chmod _their_ files to give access to others, but they
cannot gain permission for themselves.

> Please check your system for programs set with the SUID bit
> enabled then tell me you cannot run something like root.

The suid bit on a program makes that program run as the owner of the
file. If I set my programs (ie ones that I own) to suid then they run
as my user and thus can access my files and directories. I could do
that so that others could run my program to access those files without
letting them access the files directly. ie it makes the files _more_
secure. As it is _my_ program then only I can set the suid and I can
control what the program does.

Sometimes the suid is set for root owned files. This can only be set by
root and cannot be set by, say, downloading a file and saving it to
disk. In fact downloading won't even set the executable bits.

The same argument applies. A suid root owned executable can, for
example, update a file that users only have read access to. Thus
ordinary users can only update via that program and they don't need
write access. It is _more_ secure.

.

Follow-Ups:
- Re: Of mice and men
  - From: jce

References:
- Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: Arnold Trembley
- Re: Of mice and men
  - From: docdwarf
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: jce
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: Arnold Trembley
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: LX-i
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: Donald Tees
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: jce
- Re: Of mice and men
  - From: Pete Dashwood
- Re: Of mice and men
  - From: Donald Tees
- Re: Of mice and men
  - From: jce
- Re: Of mice and men
  - From: Donald Tees
- Re: Of mice and men
  - From: jce

Prev by Date: Re: Of mice and men
Next by Date: Re: Of mice and men
Previous by thread: Re: Of mice and men
Next by thread: Re: Of mice and men
Index(es):
- Date
- Thread

Relevant Pages

RE: [SLE] Re:[SLE] device problems
... Eric -- when you look at your DVD in Konq: ... As root use chmod to change them: ...
(SuSE)
Re: Of mice and men
... "with enough security that logged in as a normal user, ... With regards to SUID bit. ... install something as a root user and be ... > Someone can only chmod or chown files that they have permission to do ...
(comp.lang.cobol)
Re: What do these file permissions mean ---Sr-x--T ?
... This was 'chmod 5050' which is quite unnecessary. ... no permission, but were this to be run as a _binary_ executable, it should ... change the file is the owner root. ...
(alt.os.linux.redhat)
Re: Installation of SCREEN with multi access
... root" nor "suid alpha". ... What I did do was cd to the binaries directory and then "chmod +s ...
(comp.unix.solaris)
Re: Weird problem with UID settings
... The suid bit is set, on all the various versions of the program I have ... 'chmod 4755 ' Sound right to you? ... >> our sysadmin to verify that for me, and the owner is root, belonging to ... > Other people's romantic gestures seem novel and exciting. ...
(comp.unix.bsd.freebsd.misc)