|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue
Post 302085531 by blowtorch on Friday 18th of August 2006 12:38:04 AM
08-18-2006
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Discussion started by: johnmsucpe
6 Replies
2. UNIX for Dummies Questions & Answers
Hi,
Its a shell script. rws by root, r_s by group named "other" and r_x by all others.
How can i set the uid from inside a setuid program. please let me know.
Also I dont have a c compiler on the system.
Thanks
Reply With Quote (0 Replies)
Discussion started by: 0ktalmagik
0 Replies
3. Solaris
We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies
4. AIX
Guy's
I'm trying to add some lines in sudo by useing this command visudo
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
#... (5 Replies)
Discussion started by: ITHelper
5 Replies
5. Solaris
Hi all,
I have a question to see if I understand the euid and uid attributes correctly for rbac (/etc/security/exec_attr):
All:
*
Audit Control:
/etc/init.d/audit euid=0, egid=3
/etc/security/bsmconv uid=0
/etc/security/bsmunconv uid=0
/usr/sbin/audit euid=0
/usr/sbin/auditconfig... (6 Replies)
Discussion started by: deadeyes
6 Replies
6. Solaris
Hi Unix Gurus .
I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ?
this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies
7. AIX
Hi all
I have a strange problem on one my my AIX machines. We have created a user called testroot with the same UID as root (uid=0) by changing the uid of that user in the /etc/passwd file. I know that this is a security breach but this is a test system.
Now the strange thing that happens is that... (3 Replies)
Discussion started by: abohmeed
3 Replies
8. Shell Programming and Scripting
I need to list users in /etc/passwd with root's GID or UID or /root as home directory
If we have these entries in /etc/passwd
root:x:0:0:root:/root:/bin/bash
rootgooduser1:x:100:100::/home/gooduser1:/bin/bash
baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies
9. UNIX for Dummies Questions & Answers
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
10. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT CENTOS
fs_getcellstatus
FS_GETCELLSTATUS(1) AFS Command Reference FS_GETCELLSTATUS(1) NAME
fs_getcellstatus - Reports whether setuid programs are honored in a cell SYNOPSIS
fs getcellstatus -cell <cell name>+ [-help] fs getce -c <cell name>+ [-h] DESCRIPTION
The fs getcellstatus command reports whether the Cache Manager allows programs fetched from each specified cell to run with setuid permission. To set a cell's setuid status, use the fs setcell command; fs_setcell(1) fully describes how AFS treats setuid programs. OPTIONS
-cell <cell name>+ Names each cell for which to report setuid status. Provide the fully qualified domain name, or a shortened form that disambiguates it from the other cells listed in the local /etc/openafs/CellServDB file. -help Prints the online help for this command. All other valid options are ignored. OUTPUT
The output reports one of the following two values as appropriate: Cell <cell> status: setuid allowed Cell <cell> status: no setuid allowed EXAMPLES
The following example indicates that programs from the cell "abc.com" are not allowed to run with setuid permission. % fs getcellstatus abc.com Cell abc.com status: no setuid allowed PRIVILEGE REQUIRED
None SEE ALSO
CellServDB(5), fs_setcell(1) COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. OpenAFS 2012-03-26 FS_GETCELLSTATUS(1)