Thursday, April 07, 2005

What are SUID programs?

It is unix term which means "the programs which while running assume someone else's credentials." Generally if a user runs a program the program has same previleges as user has.
So, program can access same resources (files, memory etc..) what user can.
Lets take an example,
When you change your password the password file is modified by the command that changes the password. On the other hand you can edit the password file yourself.
So this command for changing the password runs with the administrator previleges.

This special previleged programs like daemons (See the gatekeepers in the first post) need to be secured because if a user tricks them into executing any other command, the seurity is defeated.

They ought to do what they are supposed to do.
To find all such programs on unix system you can use the following command:
find / -perm -4000 -o -perm -2000 2>/dev/null


No comments: