CA ControlMinder granted the setuid request without checking any SURROGATE access rules. In the message text, ppp is the issuing process id; uuu is the userid associated with this process; r, e, and s are the real, effective and saved UIDs of process ppp; and tr, te, and ts are the target effective, real, and saved UIDs with which the setuid request was issued. The reason for the bypass is usually because the current real or saved UID is the same as the target UID, and therefore the setuid request does not change the security scope of the user. Other possible reasons are that the program issuing the setuid system call is a privileged program (in which case reason is For Priv), or that the issuing program is a login program that switches UIDs several times before and after the actual login ( in which case reason is specified as For Login).
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|