Super Junior Linux Backdoor method of making-a vulnerability warning-the black bar safety net

ID MYHACK58:6220069335
Type myhack58
Reporter 佚名
Modified 2006-05-26T00:00:00


A file has an owner, indicating that the file who is create. At the same time, the file there is a group number, indicating that the file belongs to the group, typically the owner of the file belongs to the group.

If it is an executable file, then in the implementation, generally the file only has to call the file the user has permissions. And setuid and setgid can be to change this setting.

setuid: setting so that the file during the execution phase having the owner of the file permissions. Typically the file is /usr/bin/passwd. If a General user executes the file, then in the implementation process, the file can get root access, so you can change the user's password.

setgid: this permission only for the directory effective. Directory is set to this bit upon any user in this directory to create the file having the directory the group belongs to the same group.

sticky bit: this bit can be understood as anti-delete bit. Whether a file can be a user deleted, depending on the file belongs to the group whether the user has write permissions. If there is no write permission, then the directory where all the files can not be removed, but also can not add new files. If you want the user to be able to add files but cannot delete files, you can file using the sticky bit. This bit is set, even if the user of the directory has write permissions, nor delete the file.

Said the following about how to operate these signs:

The operation of these flags with the operation of the file permissions of the commands are the same, all is chmod. There are two ways to operate,

1) chmod u+s temp-for the temp file with the setuid flag. (setuid only the file is valid)

chmod g+s tempdir -- tempdir directory plus the setgid flag (setgid only the directory is valid)

chmod o+t temp-for the temp file with the sticky flag (the sticky only the file is valid)

2) Using octal mode: to General file by the three groups of octal numbers to set the flag, such as 6 6 6 and 7 7 7 and 6 4 4 and the like. If you set these special flag, in this set of numbers with plus a set of octal numbers. As 4 6 6 6, The 2 7 7 7 etc. This is a set of octal digits of three bits the meaning is as follows,


a - setuid bit, if the bit is 1, it indicates that setting the setuid

b - setgid bit, if this bit is 1, it indicates that setting the setgid

c - sticky bit, if the bit is 1, it indicates to set the sticky

After setting these flags, you can use ls-l to view. If you have these signs, then in the original implementation of the flag location on the display, such as:

rwsrw-r-- expressed with setuid flag

rwxrwsrw - expressed with setgid flag

rwxrw-rwt represents a sticky flag

Then the original execution flag x where to go? The system is such a requirement, if originally in the position x, then these particular flags are displayed as lowercase letters (s, s, t). Otherwise, the display for the capital letter (S, S, T).