Why are root-owned setuid shell scripts inherently unsafe?

What will be an ideal response?


When an ordinary user executes a shell script that is owned by root and has
setuid permissions, the program has full root privileges. The user’s privileges
do not change. When the program finishes running, all user privileges revert
to the way they were before the program started. However, there are several
ways to exit from a running setuid shell script that leave the user running a
setuid shell. When the script being run is owned by root, the user is left with a root prompt, giving the user the same control over the system that a user
with root privileges has.

Computer Science & Information Technology

You might also like to view...

Good forms need to balance efficiency with a user-friendly interface

Indicate whether the statement is true or false

Computer Science & Information Technology

If cell A1 contained 10, cell A2 contained 2 and cell A3 contained =A1/A2, what would cell A3 show on the worksheet?

A. =A1/A2 B. =10/2 C. 5 D. =5

Computer Science & Information Technology

What is the intent of domain engineering in CBSE?

What will be an ideal response?

Computer Science & Information Technology

Why is threat identification so important in the process of risk management?

What will be an ideal response?

Computer Science & Information Technology