Linux security basics with SUID/SGID – part 1

Hello, i’m starting series of article on Linux security theme. Here is example of SUID/SGID bits that could give you superuser executes in system:

Let’s write some simple C program:

We need to compile it:

cc suid_hack.c -o suid_hack

Here is magic of SUID and SGID bits:

Now, run suid_hack by ordinary not superuser.

My example stored in /tmp

Please, take care of bits that you set. That’s very powerful thing.

That would be useful to create list of SUID/SGID files and keep track them carefully.

Here is small example how you can do it:

As you see, i have weird file in /tmp – suid_hack.

Author: GergunD

Leave a Reply