Re: SGID man

[hno () HEM PASSAGEN SE (Henrik Nordstrom)]

Isaac To wrote:

> But yes, it is ugly.  It might be better if any SGID program is also SUID
> nobody, and re-acquire real user privilege only when required.  But still,
> it is ugly.

That is not a viable approach unless the binary (and all other binaries
owned by nobody) also is immutable. If the binary isn't immutable and
someone finds a security breach in the program or one of the invoked
sub-programs then they can easily replace the binary with a custom one,
and if root (or another user) then runs this program in the beleif that
it is the original one...

--
Henrik Nordstrom