Hi all.
On one workstation run Solaris 10 a simple user can to execute 'init 0' command without input (su and root password).
Example:
% init 0
%
OK
I don't understand how user can execute 'init 0' command on this workstation?
1) I checked /usr/local/etc/sudoers all lines are commented.
2) I checked RBAC.
%roles
no roles
3) init permissions
/sbin:
-r-sr-sr-x 1 root sys init
/etc:
lrwxrwxrwx 1 root root init -> ../sbin/init
What I must check yet?
might be because of the "s" permissions. The command, though is initiated by a regular user, is executed as root.
Try changing it to the default r-xr-xr-x root sys
Is default permissions of /sbin/init -r-xr-xr-x???
hergp
August 4, 2010, 1:35am
4
That's right, the defaults for /sbin/init are: User = root, Group = sys, Mode = 0555 (r-xr-xr-x).
It seems, if I will change permissions /sbin/init to -r-sr-sr-x only, on any workstation.
Will any user can execute 'init 0' command?
I tried on my workstation, bootadm will not execute the command unless you are the root user
Yes, that's the very purpose of the setuid bit on executables.