[MPlayer-users] vidix without being root or suid bit?
Alessandro Selli
dhatarattha at libero.it
Wed Sep 18 10:00:02 CEST 2002
Il giorno Tue, 17 Sep 2002, D Richard Felker III così ha scritto:
|From: D Richard Felker III <dalias at aerifal.cx>
|To: mplayer-users at mplayerhq.hu
|Date: Tue, 17 Sep 2002 18:13:58 -0400
|Subject: Re: [MPlayer-users] vidix without being root or suid bit?
|
|That is nonsense.
Do you mean something I wrote is wrong?
| If you run the suid-root mplayer with
|/lib/ld-linux.so.2 /path/to/mplayer, the suid bit will ***NOT*** be
|honored, since you are exec'ing /lib/ld-linux.so.2 (which is not suid)
|as opposed to /path/to/mplayer (which is).
I did not imply this would happen. Mine was a generic warning against the
false sense of security of simply setting an executable "noexec" to some
users. They should also be made non readable to those users.
| Learn a little about unix
|before posting such silliness.
|
I do that every day. What is silly, pray tell me, about what I wrote
yesterday?
|Of course if the binary is not suid (as in your example) it's even
|stupider, since someone who wants to run it can just make their own
|copy with cp and then run it.
|
I did not have the time to test that method of executing binaries
thoroughly, I do want to find out if what you're writing is accurate. When I
execute suid binaries, what executes them is my shell, right? My shell is
not set uid root, right? However, suid root binaries are executed with root
rights set, don't they? Again, I cannot perform tests, at work I don't have
the time and neither do I at home, since I'm moving. However, please take my
advice: take it easy man, don't judge people so hastily based on your
assumptions about what they must have thought.
Sandro
--
Bellum se ipsum alet
La guerra nutre se stessa
Livio, Ab urbe condita, XXXIV,9
More information about the MPlayer-users
mailing list