Page History

...

Description	Code	EUID	RUID
program startup		0	user
temporary drop	`seteuid(getuid())`	user	user
restore	`}}{{{}{`}`seteuid(0)`	user	user
permanent drop	`setuid(getuid())`	user	user
restore (attacker)	`setuid(0)`	0	0

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup

\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 9, "Unix I: Privileges and Files"
\[[MITRE 07|AA. C References#MITRE 07]\] CWE-273, [Failure to Check Whether Privileges Were Dropped Successfully|http://cwe.mitre.org/data/definitions/273.html]
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 9, "Unix I: Privileges and Files"
\[[Open Group 04|AA. C References#Open Group 04]\] [{{setuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/setuid.html], [{{getuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/getuid.html], [{{seteuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/seteuid.html]
\[[Wheeler 03|AA. C References#Wheeler 03]\] [Section 7.4, "Minimize Privileges"|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/minimize-privileges.html]

...

Space shortcuts

Page tree

Versions Compared

Old Version 27

New Version 28

Key

References