[BBLISA] Fun with nosetuid!
Brian O'Neill
oneill at oinc.net
Tue Jan 15 18:10:01 EST 2008
Which filesystem? The one containing /usr/bin? What did you expect to
happen if you mounted it with nosetuid? You basically explicitly state
to ignore setuid settings on the filesystem when you use that option -
so it sounds like it did exactly what you asked.
You don't know how much pain you would inflict on yourself if you
mounted the OS stuff with nosetuid. There are some things that just NEED it.
nosetuid is typically used for remote filesystems like NFS where the
source cannot be trusted. I might also consider using it on user
filesystems where they might be considered "untrustworthy". I think I
used it on a number of student home filesystems back in a previous life.
Scott Ehrlich wrote:
> On an unpatched Centos 4.4 system I chmod'd /usr/bin/sudo to ug+s, and
> set the filesystem in /etc/fstab to defaults,nosetuid. Reboot, and am
> told sudo needs to be set to setuid root.
>
> An ls -l shows rwsrws-- root root sudo
>
> I had to use a rescue CD to undo /etc/fstab for the filesystem partition
> so sudo would work.
>
> What am I missing?
>
> Thanks.
>
> Scott
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
More information about the bblisa
mailing list