Date: Mon, 24 Sep 2001 21:21:43 -0500 (CDT) From: mcbrune <mcbrune@home.com> To: cyu0635@home.com Cc: Odhiambo Washington <wash@wananchi.com>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: chmod Message-ID: <200109250221.f8P2LhK06485@home.com> In-Reply-To: <3BAFE35F.543E141A@home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Well, that depends... As a general rule, if SUID does not need to be set, as in the example below, then do not set it. Sometimes the SUID needs to be set, as in /usr/bin/passwd, which allows people to change their password. The security hazard is when someone has executed the program with SUID, a person can try to overflow the buffer and either get a shell or execute some code as the owner of the program. Hope this clears some things up. Corey > Hi > > Is it any security problem? Please teach me. > > Many thanks > > > Odhiambo Washington wrote: > > > * mcbrune <mcbrune@home.com> [20010924 05:37]: writing on the subject 'Re: chmod' > > | It sets the SUID bit on the file. This will allow the executable to be run as > > | the owner of the file. You can read the man page on chmod for more info. > > | > > | > > | Corey > > | > > | > Hi all > > | > > > | > What is the meaning of the figure '4'? > > | > > > | > > > | > chmod 4755 /usr/sbin/sendmail > > | > > > | > Many tks > > > > Hmm, why did you do it? ;-) > > > > -Wash > > > > -- > > Odhiambo Washington > > Wananchi Online Ltd., > > wash@wananchi.com 1st Flr Loita Hse. > > Tel: 254 2 313985 Loita Street., > > Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE. > > > > It is always good policy to tell the truth unless of course you are an > > exceptionally good liar. > > -Jerome K. Jerome > > (contributed by Chris Johnston) > > > > ------------------------------------------------------------------------ > > Part 1.2Type: application/pgp-signature > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109250221.f8P2LhK06485>