Originally posted by halfling Fairly simple and quick test to setup . Notice the effective uid and read uid are different.
The use of /usr/ucb suggested that you are using SunOS. I tried a similiar script and verified that SunOS 5.6 does indeed support setuid shell scripts. Whoa! I didn't know that...
I tried the following script also setuid to root and invoked by an ordinary user:
And I tracked down the ksh command in "ps". It showed up as "/usr/bin/ksh /dev/fd/3". Any unix version with a fd psuedo-filesystem can use the same trick. This closes that nasty setuid shell script problem completely. This doesn't mean that setuid shell scripts are totally safe, but they are as safe as they would be if sudo invoked them.
I have a file ( /tmp/file.txt ) , the file owner is user1:edp , the permission is 644 , I want everyone can overwrite the file but don't change the file owner and permssion , could suggest what can I do ? thx (2 Replies)
there is a directory eg. /home/edp/ , all the files under this directory :
1. the file and directory owner is "user1" ,
2. the permission is 644
I want everyone hv permission to overwrite all files and write a new file to it , but I want the file owner and permssion keep unchange , could... (1 Reply)
Hi Folks
I have a file with the following permission.
-r-sr-lr-- 1 apps appsgp 7612 Dec 19 2001 startup
Any idea what is the in the group means? In my mind I believe I need to be root to set l in the group. Am I right?
I don't have root access now. When I (as apps) a chmod... (2 Replies)
Hi,
When I listed one directory in Sun, it showed that :
-rwsr-xr-x 1 root bsmbin 78004 Oct 21 2004 bsmprsm
I don't know meaning of the character "s" in "rws" above. I have searched in Sun admin documents but no result. Would you please explain it ? :)
Thank you so much. (1 Reply)
Hello,
i need some help/advice on how to solve a particular problem.
these are the users:
|name | group |
---------- ---------------
|boss | department1 |
|assistant | department1 |
|employee | department1 |
|spy | department2 |
this is the... (0 Replies)
hi frnds
can u explain
/etc/shadow file have read and write permissions for root only
but while normal user changes his passwd it also updated in that file whats the logic behind that. (2 Replies)
Hi All,
https://www.unix.com/unix-advanced-expert-users/105758-chmod-parent-sub-directories.html
I have to change permission for the directories and subdirectories in single command
when googled i found some updates but i understand what is switch.
If there is a command please... (2 Replies)
I have an application with the user mark and another user james is trying to run the application and ending up with file permission issues.
The user mark has set the umask as 002, I wanted to have a setting so that anyone can run the application without any file permission issues. Can anyone... (2 Replies)
Hi Friends,
I want to create one user on my server in such a way that when he logged in by ssh on server,he can able to access ONLY /var/www/drupal-6.2 this directory. Please tell me how should i do that. (4 Replies)
Hello All
I have a file with rw-rw-r permission
I need to mv the file into different directory (dir has rwx-rwx-rwx permission)
with an others permission
The application which is moving the file falls in other group
I am getting the error
mv cannot renamed permission denied
... (12 Replies)
Discussion started by: Pratik4891
12 Replies
LEARN ABOUT REDHAT
setuid
SETUID(2) Linux Programmer's Manual SETUID(2)NAME
setuid - set user identity
SYNOPSIS
#include <sys/types.h>
#include <unistd.h>
int setuid(uid_t uid);
DESCRIPTION
setuid sets the effective user ID of the current process. If the effective userid of the caller is root, the real and saved user ID's are
also set.
Under Linux, setuid is implemented like the POSIX version with the _POSIX_SAVED_IDS feature. This allows a setuid (other than root) pro-
gram to drop all of its user privileges, do some un-privileged work, and then re-engage the original effective user ID in a secure manner.
If the user is root or the program is setuid root, special care must be taken. The setuid function checks the effective uid of the caller
and if it is the superuser, all process related user ID's are set to uid. After this has occurred, it is impossible for the program to
regain root privileges.
Thus, a setuid-root program wishing to temporarily drop root privileges, assume the identity of a non-root user, and then regain root priv-
ileges afterwards cannot use setuid. You can accomplish this with the (non-POSIX, BSD) call seteuid.
RETURN VALUE
On success, zero is returned. On error, -1 is returned, and errno is set appropriately.
ERRORS
EPERM The user is not the super-user, and uid does not match the real or saved user ID of the calling process.
CONFORMING TO
SVr4, SVID, POSIX.1. Not quite compatible with the 4.4BSD call, which sets all of the real, saved, and effective user IDs. SVr4 documents
an additional EINVAL error condition.
LINUX-SPECIFIC REMARKS
Linux has the concept of filesystem user ID, normally equal to the effective user ID. The setuid call also sets the filesystem user ID of
the current process. See setfsuid(2).
If uid is different from the old effective uid, the process will be forbidden from leaving core dumps.
SEE ALSO getuid(2), setreuid(2), seteuid(2), setfsuid(2)Linux 1.1.36 1994-07-29 SETUID(2)