[UPHPU] Using exec() to ping?
dataw0lf
digitalsuicide at gmail.com
Wed Apr 5 09:44:45 MDT 2006
dataw0lf wrote:
>
>
> No. It's not a problem with actually executing the file. It's a
> problem with permissions inside the ping program to access a raw
> socket. Since the dawn of Unix time, you've had to be root to invoke
> a raw socket. This means that normally, if you execute a program as a
> normal user, you won't have those permissions. However, the suid bit
> forces the applicable program to run under the OWNER of the program
> (obviously, in this case, root), giving it the permissions inherent
> with that owner. Basically, it's a way to tell the ping program to
> hijack itself to be run as root, and then return to the executing owner.
That last 'owner' should be 'user'. Don't want to confuse anyone. Hope
this explanation helps.
More information about the UPHPU
mailing list