David Howells <dhowells@xxxxxxxxxx> wrote:

> (1) Consider a SUID binary.  If the loader for that binary is executable by
>     the uid to which the binary changes its uid on execution, but not by the
>     uid of the caller, should execution succeed?
>
>     For example, if, as root, I do this:
>
>	cp -v /bin/ls /tmp/ls
>	perl -p -i -e s/ld-linux/ld-linuQ/ /tmp/ls
>	cp -v /lib64/ld-linux-x86-64.so.2 /lib64/ld-linuQ-x86-64.so.2
>	chmod -v 0700 /lib64/ld-linuQ-x86-64.so.2

I forgot to add to that:

	chmod u+s /tmp/ls

David