Re: setuid (stupid question)

From: Wojtek Walczak (gminick@hacker.pl)
Date: 03/22/03 

From: Wojtek Walczak <gminick@hacker.pl>
Date: Sat, 22 Mar 2003 19:36:51 +0000 (UTC)

Dnia Sat, 22 Mar 2003 19:00:54 +0100, Julien Le Goff napisał(a):
> I'm trying to understand how suid works, but I have some problems. Here is
> what I understood: when a program is setuid, a user can execute it as if
> he were the user who owns it.
[...]
> If I execute the script as if I were root, then I should be able to see
> inside /root/, shouldn't I?
SUID bit won't work with shell scripts, but you can always write it in C:

% cat c.c
 #include <stdio.h>
 #include <errno.h>
 #include <string.h>
 #include <stdlib.h>
 #include <dirent.h>
 #include <sys/types.h>

 int main(void)
 {
    DIR * dir;
    struct dirent *dirent;

    if((dir = opendir("/root"))==NULL) {
       fprintf(stderr, "opendir() error: %s\n", strerror(errno));
       exit(errno);
    }

    while((dirent=readdir(dir))) {
       printf("%s\n", dirent->d_name);
    }
    if(closedir(dir) == -1) {
       fprintf(stderr, "closedir() error: %s\n", strerror(errno));
       exit(errno);
    }
    return 0;
 }

% gcc c.c -oeles
% ./eles
opendir() error: Permission denied
% su
Password:
# chown root ./eles
# chmod +s ./eles
# exit
% ./eles|wc -l
     35
%

...as you can see - now it works. 

-- 
[ Wojtek Walczak - gminick (at) underground.org.pl ]
[        <http://gminick.linuxsecurity.pl/>        ]
[ "...rozmaite zwroty, matowe od patyny dawnosci." ]

Relevant Pages

  • Re: setuid (stupid question)
    ... ]>> SUID bit won't work with shell scripts, but you can always write it in C: ... ]is executed with the IFS variable set to / it will try to execute a program ... ]chown root /tmp/foosh ... execute your program, ...
    (comp.os.linux.security)
  • Re: y wont this work: chmod u+s /bin/sh
    ... > The kernel ignores the suid bit for shell scripts due to ... When you execute a program, ... > suid bit is ignored for scripts. ...
    (comp.os.linux.security)
  • Re: y wont this work: chmod u+s /bin/sh
    ... The kernel ignores the suid bit for shell scripts due to ... When you execute a program, ...
    (comp.os.linux.security)
  • Re: Established method to enable suid scripts?
    ... as the suid when it executed the file. ... FreeBSD existed as such. ... from which the functionality was deleted. ... execute function of the operating system. ...
    (freebsd-questions)
  • "setuid(UID)" and "chmod 4550" misbehaving
    ... # gcc -o chgsaslpasswd chgsaslpasswd.c ... thereby BECOME user cyrus for the duration of the run, ... which should execute this SUID as cyrus. ...
    (Debian-User)