[UPHPU] Using exec() to ping?
digitalsuicide at gmail.com
Wed Apr 5 09:44:45 MDT 2006
> No. It's not a problem with actually executing the file. It's a
> problem with permissions inside the ping program to access a raw
> socket. Since the dawn of Unix time, you've had to be root to invoke
> a raw socket. This means that normally, if you execute a program as a
> normal user, you won't have those permissions. However, the suid bit
> forces the applicable program to run under the OWNER of the program
> (obviously, in this case, root), giving it the permissions inherent
> with that owner. Basically, it's a way to tell the ping program to
> hijack itself to be run as root, and then return to the executing owner.
That last 'owner' should be 'user'. Don't want to confuse anyone. Hope
this explanation helps.
More information about the UPHPU