Open jpouellet opened 9 years ago
The advertisement for SUIDGuard states that at the moment we only handle SUID/SGID root, so this is not a surprise.
Of course there might be SUID/SUGID binaries for other users installed, but that was not a priority because it is not a default thing. I would actually be interested to know what software for OS X installs SUID/SGID binaries that are not SUID/SGID root.
In the near future we will change SUIDGuard to cover all SUID/SGID executions and to also kick in for binaries restricted by entitlements (which gets more important with El Capitan).
SUIDGuard.c:104:
This makes the implicit assumption that the only trust boundary that matters is that between not-root and root. I assert that this is not a valid assumption.
There are many systems which have suid binaries owned by other users, for which arbitrary file writing is still a very powerful unexpected capability!
Unfortunately I can't test without the check for {u,g}id == 0 to see if anything breaks (which I highly doubt) unless I disable kext signing completely (which I haven't done) since you can't seem to use self-signed kexts and I'm not part of the Apple developer program thing.
Am I missing something?