Nmap: pissing. me. off.

Bill Sconce sconce at in-spec-inc.com
Thu Mar 17 11:20:04 EDT 2011


On Wed, 16 Mar 2011 23:22:40 -0400
Kyle Smith <askreet at gmail.com> wrote:

> > ...somehow, nmap on the failing machine was -rwxr-xr-x (vs.
> > -rwsr-sr-x on the functioning one).  It became obvious I'd missed
> > something when this line popped up in strace:
> >
> > mmap2(NULL, 156036, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE...
> >
> > I *am* curious, now, though: I always thought SUID, etc., bits affected
> > *non*-root users.  How is it that root is being denied root privs?


A possibility (just supposing): if you were writing a program which
was planned to play limited God (e.g., by SUID), you might consider it
a good design philosophy to have your program look around at its
environment and purposely drop all privileges it doesn't "think" its
environment was supposed to give it...

(In the case of returning MAC addresses one might say "why not", but
if the question is phrased as "hey, I'm root, I can take it easy and
not bother about protecting anything" the answer comes up different.)

Personally, I'd think that a program which honors a "don't do this"
protection bit when running as root is doing the right thing.

(Just supposing.)

-Bill


_______
Sent from my virusproofed Linux PC

