Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Setuid root and chown

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Setuid root and chown
# 1  
Old 04-01-2005
Setuid root and chown
I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is?
# 2  
Old 04-01-2005
setuid doesn't usually work with scripts it's a security feature, if you check you will find that the script does not run as root.

You will need a biary wrapper to allow you to do that, or possibly you could do it with Perl.
Last edited by reborg; 04-01-2005 at 08:07 PM..
# 3  
Old 04-01-2005
make sure that you're not running the script on a mounted filesystem that has the "nosuid" bit on ...
# 4  
Old 04-01-2005
Quote:
Originally Posted by reborg
setuid doesn't usually work with scripts it's a security feature, if you check you will find that the script does not run as root.

You will need a biary wrapper to allow you to do that, or possibly you could do it with Perl.
i actually just tested a quick script on solaris 9 with suid bit set and it does work ...
Code:
$ id
uid=1001(otto) gid=10(staff)
$ ls -l test
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$ cat test
#! /bin/ksh
chown otto joke
chmod 444 joke
ls -l joke
exit 0
$ ./test
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
$ ls -l
total 64
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$

# 5  
Old 04-01-2005
Quote:
Originally Posted by Just Ice
i actually just tested a quick script on solaris 9 with suid bit set and it does work ...
Code:
$ id
uid=1001(otto) gid=10(staff)
$ ls -l test
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$ cat test
#! /bin/ksh
chown otto joke
chmod 444 joke
ls -l joke
exit 0
$ ./test
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
$ ls -l
total 64
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$

But who was joke originally owned by?

Only kidding it did work for me too on Solaris 9, but I was pretty sure it shouldn't.
Last edited by reborg; 04-01-2005 at 08:57 PM..
# 6  
Old 04-02-2005
See this post.
# 7  
Old 04-02-2005
Thanks Perderabo, I stand enlightened.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

2. Red Hat

Find and Chown all files in a DIR except for Root

RHEL 6.3 Could someone tell me how to use the find and chown command to replace all files in a directory owned by user1 (for this example) and replace with user1:group1? Most importantly I dont want to change any files owned by root. I recently used the following command but it changed the root... (4 Replies)
Discussion started by: gps1976
4 Replies

3. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

4. Solaris

Need help with setuid.

Hi Gurus, I need your suggestions,to implement setuid. Here is the situation. I have a user xyz on a solaris zone.He needs to install a package using a pkgadd command but i guess only a root can run that .Is there any way I can set the setuid bit on the pkgadd which is in the location... (6 Replies)
Discussion started by: rama krishna
6 Replies

5. UNIX for Dummies Questions & Answers

chown: Operation not permitted as root

Hi Expert, I am trying to change ownership of one file to another user that is exist in the system but getting operation not permitted error what could be the correct way? # ls -lh .Xauthority_ori -rw------- 1 maxim atlas 2.8K Jul 27 17:18 .Xauthority_ori # id -a uid=0(root)... (8 Replies)
Discussion started by: regmaster
8 Replies

6. AIX

sudo must be setuid root.

Guy's I'm trying to add some lines in sudo by useing this command visudo # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL #... (5 Replies)
Discussion started by: ITHelper
5 Replies

7. UNIX for Dummies Questions & Answers

chown -R under root directory

Hi I executed command "chown -R xxx:xxx /" with user root... and it was too late when I found the mistake. Ownership of some files under the root directory had already become xxx:xxx. Is there a way that can recovery the ownership of all my files back to the point where they were? I really thanks. (2 Replies)
Discussion started by: password636
2 Replies

8. UNIX for Dummies Questions & Answers

setuid

could u plz give me clear idea of spcial permissions setuid,getuid and striky bit . (1 Reply)
Discussion started by: Prem
1 Replies

9. UNIX for Advanced & Expert Users

Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue

Hi, I have a program with the following suid setup -rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above. But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies

10. UNIX for Advanced & Expert Users

setuid

I have a C wrapper programme which basically execute a shell script. The shell script has 700 as permission and oracle is owner of the shell script. The C execuatble has 4711 permission so that means that it has setuid bit set and group and others can execute the C executable. The reason why I am... (2 Replies)
Discussion started by: sanjay92
2 Replies
Login or Register to Ask a Question