Why are root-owned setuid shell scripts inherently unsafe?
What will be an ideal response?
When an ordinary user executes a shell script that is owned by root and has
setuid permissions, the program has full root privileges. The user’s privileges
do not change. When the program finishes running, all user privileges revert
to the way they were before the program started. However, there are several
ways to exit from a running setuid shell script that leave the user running a
setuid shell. When the script being run is owned by root, the user is left with a root prompt, giving the user the same control over the system that a user
with root privileges has.
You might also like to view...
Traditional ________ use data from a single table
Fill in the blank(s) with correct word
Analyze the following code:
``` class Test { private double i; public Test(double i) { this.t(); this.i = i; } public Test() { System.out.println("Default constructor"); this(1); } public void t() { System.out.println("Invoking t"); } } ``` a. this.t() may be replaced by t(). b. this.i may be replaced by i. c. this(1) must be called before System.out.println("Default constructor"). d. this(1) must be replaced by this(1.0).