Skip to main content
Information Security

All Questions

Ask Question
Tagged with
7 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
0 answers
64 views

Ubuntu 24.04 and SUID

I'm trying to understand SUID privilege escalation and I'm trying to recreate some issues. But both all my scripts and binaries drop the SUID-Bit and get executed with the user with which I'm ...
hilmbert's user avatar
hilmbert
  • 29
1 vote
1 answer
991 views

Secure way to run a linux binary which needs access to ressources only available to root?

As a developer, I ask how to approach security concerns regarding permissions of a binary which needs access to resources only available to root users. For example, let's think of a simple tool which ...
hypnomaki's user avatar
hypnomaki
  • 111
1 vote
1 answer
468 views

Using SUID program to avoid having entries in sudoers

Well, I've done a lot of reading and documentation around possible exploitation of sudoers files and SUID programs, but don't have a deep enough knowledge to pick up the wisest possible solution for ...
programmersn's user avatar
programmersn
  • 33
2 votes
1 answer
2k views

Is there a list of safe/normal/expected SUID files?

Exploitable SUID executables are a basic privilege escalation vector. But just doing a search for all such files turns up a bunch of results on any linux system, most or all of which are presumed to ...
Yaakov Saxon's user avatar
Yaakov Saxon
  • 258
2 votes
2 answers
5k views

Debugging SUID for privilege escalation

When doing privilege escalation, assuming an application with the SUID set and a debugger, what stops us from starting a shell from within the debugger? I mean just write the shell code in an ...
alex10791's user avatar
alex10791
  • 151
0 votes
1 answer
193 views

Acquire new permission after installing an Android application

I would like to know if there is an attack that allows an installed Android application to acquire further permission that is not assigned initially during installation. I did some research and found ...
Nimpo's user avatar
Nimpo
  • 121
4 votes
4 answers
1k views

Does an editable file owned by root pose any risk?

On a Linux machine, if we allowed the user bob with home directory /home/bob to put any content (malicious or not) into the file /home/bob/dangerfile.txt -rw-r--r-- 1 root root 61K Aug 24 13:59 ...
Hooked's user avatar
Hooked
  • 304