- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Frecovering suid programs
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2001 08:19 AM
09-05-2001 08:19 AM
Frecovering suid programs
I am suffering a little at the moment with a problem using frecover.
As root I can frecover any file with the suid bit set but as a non root user the file is recovered with just the execute bits set. Is this the standard behaviour? Am I doing something stupid?
I have tried this on 10.20 and on 11.00 so I don't think it is a patch level problem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2001 08:26 AM
09-05-2001 08:26 AM
Re: Frecovering suid programs
It makes perfect sense to me frecover not recovering SUID programs for ordinary user. So the case, I can restore an SUID program from the back myself and become a super user.
I believe it's a feature of frecover though officially I am not sure :-)
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2001 10:19 AM
09-05-2001 10:19 AM
Re: Frecovering suid programs
This is perfectly normal behavior otherwise there would be a huge security problem. In fact, try this: Create a file my.exe owned by root and make it 4755 \via chmod. Nexp cp -p my.exe my2.exe as an ordinary user. You will see that the setuid bit is cleared in the copy.
If it worked any other way, it would be trivially easy for any user to create a setuid program owned by root.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2001 12:51 AM
09-06-2001 12:51 AM
Re: Frecovering suid programs
I am trying to recover files owned by the ingres user as the ingres user. I understand the security implecations of letting users recover other users suid programs but what is the problem with recovering your own?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-06-2001 01:29 AM
09-06-2001 01:29 AM
Re: Frecovering suid programs
fbackup / frecover seem not to support non-root users quite well. (I get a "fbackup(1010): semget failed for the semaphore" if I try fbackup).
You can use tar -px to recover the setuid bit of a file owned by yourself. I do not see a security hole there, because it is possible to set the bit to the original file as well. cp -p works this way, too.
Klaus