[mythtv-users] Running as root
R. G. Newbury
newbury at mandamus.org
Mon Oct 2 18:53:13 UTC 2006
Dave Sherohman wrote:
> On Fri, Sep 29, 2006 at 01:37:57PM -0400, R. G. Newbury wrote:
>> And exactly how does one set the SUID bit on a file? Would this be chmod
>> +s mythfrontend or chmod 7777 mythfrontend?
>>
>> As usual the man page, while perfectly correct is perfectly opaque.
>
> chmod u+s mythfrontend
>
> chmod 7777 would set not only suid, but also sgid and the sticky bit.
> And you probably don't want to be making mythfrontend world-writable if
> it's anywhere near a network, either, especially if it's suid root.
> chmod 4755 or 4750 (if the mythtv user is a member of the group that
> owns it) would be reasonably sane, though. (4755 = rwsr-xr-x; 4750 =
> rwsr-x---)
Thanks! As noted, more to play with.
My mythbox is not connected to any network, unless I lug it to the office.
I remain, as usual, bemused by the level of paranoia exhibited in your
statement...Has anyone actually figured out how it could be possible to
subvert a mythbox, from having mythfrontend writeable and running suid root?
--
R. Geoffrey Newbury
Helping with the HTTP issue
<a href="http://www.w3.org/Protocols/">HTTP</a>
More information about the mythtv-users
mailing list