setuid programs
Jason
jkenner@mindspring.com
Tue, 16 Jan 2001 06:17:31 +0000
Bill Warner wrote:
>
> On 15 Jan 2001 05:05:37 +0000, Jason wrote:
> > plug@arcticmail.com wrote:
> > >
> > > 1. Try "chmod 500 /bin/ps".
> > >
> > > 2. grep all source code for "not secure for set uid operation".
> > > Modify the source code to disable this "feature."
> > > Compile.
> >
> > Hell, grepping the relevant binaries for that string might even be a
> > good idea... why would one be using iBCS and a SCO binary if one could
> > recompile?
>
> ps is the native Linux version; there is a custom SCO binary used in
> our application called pm. This program basically uses ps to get
> username and pid for a user within our business application. I don't
> like it, but pm is set uid and when called it gives the program not
> secure to run as setuid. This message seems to be coming from ps. I am
> guessing that a recompile of ps is going to be needed.
Make ps owned by a nonexistent user.
chown 4321:4321 /bin/ps
--
jkenner @ mindspring . com
I Support Linux: Working Together To Build A Better Future.