HPE Community
Operating System - HP-UX
1820255 Members
2900 Online
109622 Solutions
New Discussion юеВ

filesystem option "suid or nosuid"

 
Marylou Kohlmeier
Frequent Advisor

тАО11-05-2008 06:43 AM

тАО11-05-2008 06:43 AM

filesystem option "suid or nosuid"

Our /opt filesystem is presently mounted with neither "suid" nor "nosuid" option. What is the effect if I modified our /opt and apply "suid".
0 Kudos
Reply
5 REPLIES 5
Ganesan R
Honored Contributor

тАО11-05-2008 07:06 AM

тАО11-05-2008 07:06 AM

Re: filesystem option "suid or nosuid"

Hi,

By default the filesystems will be mounted with suid option though it is not mentioned in fstab file. And /opt is preferred to be mounted with suid option.

Mounting the filesystem with "nosuid" keeps everyone to run SUID programs i.e. to start a program not under the UID of the starter but the owner of the file.

And moreover setting this option needs unmount of that filesystems.

Hope this helps.
Best wishes,

Ganesh.
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО11-05-2008 07:17 AM

тАО11-05-2008 07:17 AM

Re: filesystem option "suid or nosuid"

Hi:

Mounting a filesystem with the 'nosuid' option disables the 'setuid' action. If you mount a filesystem this way and attempt to execute a 'setuid' binary existing in that filesystem, you see:

Setuid execution not allowed

By example, if you mounted '/usr' as a 'nosuid' filesystem, then whenever a noraml users user attempted to change his/her password, they would be denied. This is because it is the 'setuid' bit and the 'root' ownership of the 'passwd' executable that confer an effective UID of 'root' to the normal user when (s)he runs the 'passwd' command.

Before doing something like this, make sure that you know what your filesystem contains:

# find /path -perm -4000

...will find all 'setuid' files.

Regards!

...JRF...
0 Kudos
Reply
Marylou Kohlmeier
Frequent Advisor

тАО11-05-2008 07:28 AM

тАО11-05-2008 07:28 AM

Re: filesystem option "suid or nosuid"

Thank you for all your replies. Presently, this is what I have for our /opt:

/dev/vg00/lvol6 /opt vxfs delaylog 0 2

I just want to clarity, since it's not specified, it the default "suid"?
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО11-05-2008 07:33 AM

тАО11-05-2008 07:33 AM

Re: filesystem option "suid or nosuid"

Hi (again):

> I just want to clarity, since it's not specified, it the default "suid"?

Yes.

Regards!

...JRF...
0 Kudos
Reply
Marylou Kohlmeier
Frequent Advisor

тАО11-05-2008 07:38 AM

тАО11-05-2008 07:38 AM

Re: filesystem option "suid or nosuid"

Thank you and have a nice day
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.