SetUID and Buffer Overflows. a. Explain what it means for a program to be SetUID
Question
SetUID and Buffer Overflows.
a. Explain what it means for a program to be SetUID root. Then give an example of an existing program that is SetUID root and explain why it needs these privileges.
b. Consider the following vulnerable function:

    #include <stdio.h>
    #include <string.h>

    void copy_it(char *src) {
        char dest[8];
        printf("address of dest is %p\n", dest);
        strcpy(dest, src);  /* no bounds check: dest holds only 8 bytes */
    }

Suppose you are interested in attacking the above function by supplying an array that starts with malicious shell-spawning instructions and then is large enough to overflow the copy_it function's return address to make it point back to the start of dest. Will this same type of attack work on the above (modified) function? Why or why not?

Explanation / Answer
Answer to a)
SETUID means that an executable program can run under different permissions than the user who executed it. Some applications are set up like this so that users can run with low permissions, but a specific application that they need to run with higher permissions can be.
SETUID root means that when the program is run, it is as if root ran it, which leaves you open to all the usual security risks of running something at high permission levels; it could do anything to your system. Some programs need to run with "root" privileges, even when they are launched by unprivileged users.
An example is the passwd program, which users can run to change their password, and which needs to access something normally restricted to root, for security purposes. Executable programs are setuid-root, meaning that they always run with root privileges.
These privileges are required for security purposes, because developers should design and implement programs that use this bit on executables carefully in order to avoid security vulnerabilities, including buffer overruns and path injection. Successful buffer-overrun attacks on vulnerable applications allow the attacker to execute arbitrary code under the rights of the process exploited. In the event that a vulnerable process uses the setuid bit to run as root, the code will execute with root privileges, in effect giving the attacker root access to the system on which the vulnerable process is running.
An important aspect of a setuid process is the environment of the process: if the environment is not properly decontaminated by a privileged process, its behavior can be changed by the unprivileged process that started it. For example, GNU libc was at one point vulnerable to an exploit using setuid and an environment variable that allowed executing code from untrusted shared libraries.
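The environment clean-up mentioned in the last paragraph of the answer, sketched as an added example that is not part of the original question or answer. The allowlist, the fixed PATH, the length cap and the function names are assumptions chosen for illustration, and the sample environment is constructed.

```c
#include <stdio.h>
#include <string.h>

#define MAX_VALUE_LEN 256               /* assumed cap on inherited values */
#define SAFE_PATH "PATH=/usr/bin:/bin"  /* assumed trusted search path */

/* Assumed allowlist: names the privileged program agrees to inherit. */
static const char *const ALLOWED[] = { "TERM", "LANG", "TZ" };

/* Constructed sample of what an unprivileged caller might pass in. */
static char *const SAMPLE_ENV[] = {
    "PATH=/tmp/bin:/usr/bin", "LD_PRELOAD=/tmp/x.so", "TERM=xterm",
    "LANG=C", "IFS=x", "=broken", NULL
};

/* 1 if entry is NAME=value with an allowlisted NAME and a bounded value. */
static int allowed_entry(const char *entry) {
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry) return 0;       /* malformed entry */
    if (strlen(eq + 1) > MAX_VALUE_LEN) return 0;  /* oversized value */
    size_t name_len = (size_t)(eq - entry);
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
        if (strlen(ALLOWED[i]) == name_len &&
            strncmp(entry, ALLOWED[i], name_len) == 0)
            return 1;
    return 0;
}

/* Builds a NULL-terminated clean environment in out[] (capacity cap):
   a fixed PATH first, then allowlisted entries. Returns the entry
   count, or -1 if out[] is too small. */
int scrub_env(char *const in[], const char *out[], size_t cap) {
    size_t n = 0;
    if (cap < 2) return -1;
    out[n++] = SAFE_PATH;            /* never inherit the caller's PATH */
    for (size_t i = 0; in[i] != NULL; i++) {
        if (!allowed_entry(in[i])) continue;
        if (n + 1 >= cap) return -1; /* keep room for the NULL terminator */
        out[n++] = in[i];
    }
    out[n] = NULL;
    return (int)n;
}

/* Runs scrub_env over the constructed sample. */
int scrub_sample(const char *out[], size_t cap) {
    return scrub_env(SAMPLE_ENV, out, cap);
}

int main(void) {
    const char *clean[8];
    int n = scrub_sample(clean, 8);
    for (int i = 0; i < n; i++) puts(clean[i]);
    return n == 3 ? 0 : 1;
}
```

A privileged program would build this array at start-up and pass it as the envp argument of execve, so that nothing the caller set survives unless it is on the allowlist.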