Security
Programs that use this bit must be carefully designed and implemented to be immune to security vulnerabilities including buffer overruns and path injection. Successful buffer overrun attacks on vulnerable applications allow the attacker to execute arbitrary code under the rights of the process being exploited. In the event a vulnerable process uses the setuid bit to run as root, the code will be executed with root privileges, in effect giving the attacker root access to the system on which the vulnerable process is running.
Read more about this topic: Setuid
Famous quotes containing the word security:
“I feel a sincere wish indeed to see our government brought back to it’s republican principles, to see that kind of government firmly fixed, to which my whole life has been devoted. I hope we shall now see it so established, as that when I retire, it may be under full security that we are to continue free and happy.”
—Thomas Jefferson (1743–1826)
“The three great ends which a statesman ought to propose to himself in the government of a nation, are,—1. Security to possessors; 2. Facility to acquirers; and, 3. Hope to all.”
—Samuel Taylor Coleridge (1772–1834)
“... most Southerners of my parents’ era were raised to feel that it wasn’t respectable to be rich. We felt that all patriotic Southerners had lost everything in defense of the South, and sufficient time hadn’t elapsed for respectable rebuilding of financial security in a war- impoverished region.”
—Sarah Patton Boyle, U.S. civil rights activist and author. The Desegregated Heart, part 1, ch. 1 (1962)