Reading QuestionsRemember to submit your answer to this quetion before the next class.
The following C program will create a new file
test.txt
when run. (If you are not familar with Linux syscalls for file operations, read
chap 3 and 4 of UEAP.)
#include <sys/types.h> #include <sys/stat.h> int main () { creat ("test.txt", S_IRUSR|S_IWUSR|S_IXUSR|S_IROTH|S_IWOTH|S_IXOTH); return 0; }Now compile this program using gcc: # gcc -o a.out a.c // note that we are root!Then make the generated executable a.out root set-uid:
# chmod o+s a.outThen run this program as a non-root user, who is the owner of the newly created file test.txt ? Do you think whether or
not this is secure? Why?
|