[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

fsck -> local root


Some days ago there was a powerbreak, some files was damaged on my
box. The most interest thing, that 'whoami' showed 'root' for each
users. I had no idea, cause /usr/bin/id -un told the correct username.
The answer is the following:
/bin/sh had suid flag, but /usr/local/bin/bash the default shell not.
So if any of the users started a standard sh shell, he got a root
My box wasn't hacked, it is sure.
Then my question is: is it possible that fsck set the suid flag after
the reboot?

Thanks in advance...

Best regards,
 RSC                            mailto:rsctm@freemail.hu