Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue
Top Forums UNIX for Advanced & Expert Users Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue Post 302085434 by blowtorch on Thursday 17th of August 2006 09:19:07 AM
Old 08-17-2006
Are you actually calling the setuid() system call inside that code? If you are not and are only setting the setuid bit on the file, then only the euid is set to root. The difference is seen here:
Code:
#include<stdio.h>
#include<unistd.h>  
int main() {          
   fprintf(stdout,"euid: %d",geteuid());
   fprintf(stdout,"uid: %d",getuid());
   execl("/bin/sh","sh",0);
}

Code:
#include<stdio.h>
#include<unistd.h>  
int main() {          
   setuid(0);
   fprintf(stdout,"euid: %d",geteuid());
   fprintf(stdout,"uid: %d",getuid());
   execl("/bin/sh","sh",0);
}

Complie both the codes, set the suid flag and run them. The id and the whoami commands should show you the difference.

It is most likely that the code that you are using has not used the setuid call.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Setuid root and chown

I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Discussion started by: johnmsucpe
6 Replies

2. UNIX for Dummies Questions & Answers

To:blowtorch - Setuid uid/euid issue

Hi, Its a shell script. rws by root, r_s by group named "other" and r_x by all others. How can i set the uid from inside a setuid program. please let me know. Also I dont have a c compiler on the system. Thanks Reply With Quote (0 Replies)
Discussion started by: 0ktalmagik
0 Replies

3. Solaris

EUID set for all non-root users

We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies

4. AIX

sudo must be setuid root.

Guy's I'm trying to add some lines in sudo by useing this command visudo # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL #... (5 Replies)
Discussion started by: ITHelper
5 Replies

5. Solaris

rbac and execution attributes (uid and euid)

Hi all, I have a question to see if I understand the euid and uid attributes correctly for rbac (/etc/security/exec_attr): All: * Audit Control: /etc/init.d/audit euid=0, egid=3 /etc/security/bsmconv uid=0 /etc/security/bsmunconv uid=0 /usr/sbin/audit euid=0 /usr/sbin/auditconfig... (6 Replies)
Discussion started by: deadeyes
6 Replies

6. Solaris

New root account with Different UID number

Hi Unix Gurus . I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ? this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies

7. AIX

Equivalent uid to root

Hi all I have a strange problem on one my my AIX machines. We have created a user called testroot with the same UID as root (uid=0) by changing the uid of that user in the /etc/passwd file. I know that this is a security breach but this is a test system. Now the strange thing that happens is that... (3 Replies)
Discussion started by: abohmeed
3 Replies

8. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

9. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

10. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

LEARN ABOUT PLAN9

geteuid32

GETUID(2)						     Linux Programmer's Manual							 GETUID(2)

NAME

       getuid, geteuid - get user identity

SYNOPSIS

       #include <unistd.h>
       #include <sys/types.h>

       uid_t getuid(void);
       uid_t geteuid(void);

DESCRIPTION

       getuid() returns the real user ID of the calling process.

       geteuid() returns the effective user ID of the calling process.

ERRORS

       These functions are always successful.

CONFORMING TO

       POSIX.1-2001, POSIX.1-2008, 4.3BSD.

NOTES

   History
       In UNIX V6 the getuid() call returned (euid << 8) + uid.  UNIX V7 introduced separate calls getuid() and geteuid().

       The  original  Linux  getuid()  and  geteuid()  system  calls supported only 16-bit user IDs.  Subsequently, Linux 2.4 added getuid32() and
       geteuid32(), supporting 32-bit IDs.  The glibc getuid() and geteuid() wrapper functions transparently deal with the variations across  ker-
       nel versions.

SEE ALSO

       getresuid(2), setreuid(2), setuid(2), credentials(7)

COLOPHON

       This  page is part of release 4.15 of the Linux man-pages project.  A description of the project, information about reporting bugs, and the
       latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.

Linux								    2017-09-15								 GETUID(2)
All times are GMT -4. The time now is 02:58 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy