80 Security De-engineering
variety of other things such as “world writable” directories, scheduled
job permissions, and password hashes from the /etc/passwd le.
“Setuid root” privileges are especially interesting for Hackers in these
local privilege escalation cases. e setuid bit for a root-owned program
gives the program root privileges when it runs, regardless of which user
executes the program. So, in brief, if an attacker can exploit vulnerabil-
ity with the setuid root program, they can gain local root privileges. Not
many IT operations sta will be aware of this local privilege escalation
vector. Some programs need setuid permissions in order to function,
whereas others do not. Earlier versions of Oracle’s database manage-
ment soft