If I copy aside /bin/echo, and chmod u+s'ing it as root, and then switching back to a weaker user, why can't I run /root/suidecho "something" > /usr/bin/passwd? (Permission denied)
Asked
Active
Viewed 267 times
0
Hauke Laging
- 90,279
Wosp
- 1
-
1The echo command is not writing the file, the shell is. – jordanm Apr 03 '18 at 22:06
-
The suggested duplicate answers the question, but I would say only Kusalananda’s Answer spells it out as to why – Jeff Schaller Apr 04 '18 at 00:17
1 Answers
2
Simply put, because your elevated echo is with superlative authority writing to standard output, and then your perfectly normal, non-superuser shell is trying to redirect that to a file to which it does not have write privileges.
DopeGhoti
- 76,081