BIND 10 #268: review: setuid via -u on b10-auth
BIND 10 Development
do-not-reply at isc.org
Mon Aug 9 20:17:57 UTC 2010
#268: review: setuid via -u on b10-auth
------------------------------+---------------------------------------------
Reporter: shane | Owner: jelte
Type: enhancement | Status: reviewing
Priority: major | Milestone: 06. 4th Incremental Release
Component: b10-auth | Resolution:
Keywords: | Sensitive: 0
Estimatedhours: 0.0 | Hours: 0
Billable: 1 | Totalhours: 1.0
Internal: 0 |
------------------------------+---------------------------------------------
Comment(by jelte):
Well the old trick for getting a second superuser account is to set its
uid to 0. Don't know if it's in the standards (i suspect they left
specifying that out on purpose), and I *think* that having a second uid=0
account and then asking for its username will return root again, so in
practice I don't think it really matters, but i believe that that is the
check the system actually makes (unless there are capabilities or other
such modern nonsense)
--
Ticket URL: <https://bind10.isc.org/ticket/268#comment:14>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list