Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue
Top Forums UNIX for Advanced & Expert Users Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue Post 302085531 by blowtorch on Friday 18th of August 2006 12:38:04 AM
Old 08-18-2006
OK, what system are you using? Quite a few systems do not honour the setuid bit on the shell script, as they (setuid scripts) are considered a security hazard.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Setuid root and chown

I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Discussion started by: johnmsucpe
6 Replies

2. UNIX for Dummies Questions & Answers

To:blowtorch - Setuid uid/euid issue

Hi, Its a shell script. rws by root, r_s by group named "other" and r_x by all others. How can i set the uid from inside a setuid program. please let me know. Also I dont have a c compiler on the system. Thanks Reply With Quote (0 Replies)
Discussion started by: 0ktalmagik
0 Replies

3. Solaris

EUID set for all non-root users

We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies

4. AIX

sudo must be setuid root.

Guy's I'm trying to add some lines in sudo by useing this command visudo # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL #... (5 Replies)
Discussion started by: ITHelper
5 Replies

5. Solaris

rbac and execution attributes (uid and euid)

Hi all, I have a question to see if I understand the euid and uid attributes correctly for rbac (/etc/security/exec_attr): All: * Audit Control: /etc/init.d/audit euid=0, egid=3 /etc/security/bsmconv uid=0 /etc/security/bsmunconv uid=0 /usr/sbin/audit euid=0 /usr/sbin/auditconfig... (6 Replies)
Discussion started by: deadeyes
6 Replies

6. Solaris

New root account with Different UID number

Hi Unix Gurus . I have requirement where in which - I would like create duplicate root equivalent account with all the privileges equal to root. Is it possible to create this duplicate account with different UID. ? this id i would like give it to my teams - who does multiple activities using... (2 Replies)
Discussion started by: johnavery50
2 Replies

7. AIX

Equivalent uid to root

Hi all I have a strange problem on one my my AIX machines. We have created a user called testroot with the same UID as root (uid=0) by changing the uid of that user in the /etc/passwd file. I know that this is a security breach but this is a test system. Now the strange thing that happens is that... (3 Replies)
Discussion started by: abohmeed
3 Replies

8. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

9. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

10. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

LEARN ABOUT HPUX

secure_sid_scripts

secure_sid_scripts(5)						File Formats Manual					     secure_sid_scripts(5)

NAME

       secure_sid_scripts - controls whether setuid and setgid bits on scripts are honored

VALUES

   Failsafe
   Default
   Allowed values
   Recommended values
DESCRIPTION

       This  tunable  controls	whether and bits on executable scripts have any effect.  Honoring on scripts make a system vulnerable to attack by
       malicious users.

       The default value for this variable is 1, indicating that bits are to be ignored by the execve(2) system call  for  higher  security.   The
       tunable	can  be set to 0 for a compatibility with older releases at the expense of security.  Hewlett-Packard strongly recommends that you
       not change the value of this tunable unless there is an urgent need to do so.

       When a script with bits is executed, the kernel generates the following error message to both the terminal controlling and the system  log.
       (To view the error message, use dmesg(1M) or inspect

   Who is Expected to Change This Tunable?
       Administrator.

   Restrictions on Changing
       Changes to this tunable take effect for new scripts started after the change.

   When Should the Value of This Tunable Be Changed?
       This  tunable  controls	operational  modes  rather  than data structure sizes and limits.  The appropriate setting for a system depends on
       whether you consider security or compatibility to be most important.

       A value of is compatible with previous releases of HP-UX, but it is also less secure.

       A value of provides security against race condition attacks exploiting scripts.

   What Are the Side Effects of Changing the Value
       This tunable controls only executable scripts (not programs) with bit set.  HP-UX does not ship with any such  scripts.	 If  the  customer
       wishes  to use scripts, third party applications such as or can be used.  Alternatively, the shell script can be wrapped in a simple C pro-
       gram that runs the shell script with appropriate permissions:

   What Other Tunable Values Should Be Changed at the Same Time?
       None.

WARNINGS

       None.  All HP-UX kernel tunable parameters are release specific.  This parameter may be removed or  have  its  meaning  changed	in  future
       releases of HP-UX.

       Installation  of  optional  kernel  software, from HP or other vendors, may cause changes to tunable parameter values.  After installation,
       some tunable parameters may no longer be at the default or recommended values.  For information about the effects of installation  on  tun-
       able  values,  consult  the documentation for the kernel software being installed.  For information about optional kernel software that was
       factory installed on your system, see at

FILES

AUTHOR

       was developed by HP.

SEE ALSO

       chmod(1), execve(2), kctune(1M).

							     Tunable Kernel Parameters					     secure_sid_scripts(5)
All times are GMT -4. The time now is 10:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy