setuid programs

plug@arcticmail.com plug@arcticmail.com
Fri, 12 Jan 2001 17:51:52 -0700


1. Try "chmod 500 /bin/ps".


2. grep all source code for "not secure for set uid operation".
   Modify the source code to disable this "feature."
   Compile.


D

* On Fri, Jan 12, 2001 at 03:42:20PM -0700, Bill Warner wrote:
> Ok, turn of security related flames for this please.
> 
> 
> We have an archaic piece of software that we are trying to replace
> but it has been movied over from a SCO system and is useing the iBCS
> binary compatibilty.  On the Sco box it was set uid and ran the ps
> command
> but on linux we get an error message:
> 
> This /bin/ps not secure for set uid operation.
> 
> we can make this work when logged in as root or su - to root but we have
> tried everything and cant even get sudo to work.  I am guessing that
> there
> is a kernel security that doesnt let programs that access the /proc
> filesystem
> to be able to run suid?
> 
> Is there a way we can get around this untill we can come up with a
> better
> system??????
> 
> 
> --
> Bill Warner
> Direct Alliance Corp.
> Unix/Linux Admin.