Which mechanism uses setuid and setgid bits to allow executables to run with elevated privileges?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which mechanism uses setuid and setgid bits to allow executables to run with elevated privileges?

Explanation:
The concept here is using the setuid and setgid bits on executables to run with higher privileges. When an executable has the setuid bit set, it runs with the privileges of the file owner (often root), regardless of who launches it. The setgid bit does the same for the file’s group. This mechanism lets programs perform privileged actions without the caller having those privileges themselves—for example, a password-changing tool needs root access to modify system authentication files, so it can be installed with setuid root to carry out that task securely (assuming the code is safe). Other options don’t rely on these permission bits. A web shell is just a remote interface to a system, not a built-in privilege mechanism. sudo is a separate privilege-escalation tool that uses policy configuration to grant rights, not a binary that runs with elevated privileges simply because it has setuid bits. Kernel exploits are about taking advantage of flaws in the kernel, not about how setuid/setgid bits grant elevated privileges.

The concept here is using the setuid and setgid bits on executables to run with higher privileges. When an executable has the setuid bit set, it runs with the privileges of the file owner (often root), regardless of who launches it. The setgid bit does the same for the file’s group. This mechanism lets programs perform privileged actions without the caller having those privileges themselves—for example, a password-changing tool needs root access to modify system authentication files, so it can be installed with setuid root to carry out that task securely (assuming the code is safe).

Other options don’t rely on these permission bits. A web shell is just a remote interface to a system, not a built-in privilege mechanism. sudo is a separate privilege-escalation tool that uses policy configuration to grant rights, not a binary that runs with elevated privileges simply because it has setuid bits. Kernel exploits are about taking advantage of flaws in the kernel, not about how setuid/setgid bits grant elevated privileges.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy