hi I have problem with understanding setuid and setgid
in system I have following users:
1st.
I have following simple script, for which I set up suid.
Please consider following rights on /home/marek which is called in script
(chmod 700)
Now when I run script
as user tux
as user cepi
Why script is not running with marek's privileges and don't display contents of marek's home ?
2nd Why I am not possible to set guid for particular file ?
Hi all
I'm getting file info through stat( char *filename, struct stat *buf)
Taking all the file attributes to buf->st_mode,
How can i check the suid bit in there, if suid bit mask is 0004000??
Thank you all (1 Reply)
Hi all,
Thanks for all replays and for reading in advance (as per usual)
Anyhow I have been asked to come up with a list of programs that have SUID root permissions and also for any programs with SGID permissions. Has anyone got any idea with out going through each program indiviually how I... (2 Replies)
Hi
Senario: I have previleges to edit a file F but User B does not have sufficient privs to edit it.
In order for B to edit it I tried an indirect way. I created a script to edit F and SUID this script so that B can execute it with the privs of me. But this is not working . can some one help... (3 Replies)
I'm writing this command/script to allow students to vi a private file of mine
in a private directory of mine. chmod 700 dir chmod 660 file
however since i own the directory and file; the script has to be ran by me so to speak, im just not sure how to set about doing this.
the script is... (5 Replies)
Hi,
I am setting up SUID permissions on a binary.
It gets set for most of the users, however, 1 in 10 users is unable to set these.
For those who works:
> chmod 6555 Test
> ls -l Test
-r-sr-sr-x 1 A B 5524 Nov 15 14:53 Test
For those where it doesn't work:
> chmod 6555 Test... (14 Replies)
Hello
My system is Debian-503-amd64. After I installed the "lpr" package, I found that some files with SUID bit come from this package. As:
ls -l /usr/bin/lp*
....
-rwsr-sr-x 1 root lp 31800 2008-05-20 /usr/bin/lpq
-rwsr-sr-x 1 root lp 28504 2008-05-20 /usr/bin/lpr
-rwsr-sr-x 1... (1 Reply)
Dear all experts in this forum,
I have faced a audit issue as auditor told that we should not have SUID on /bin/su. As I have checked using Google, I found most of the site only telling that /bin/su should have the permission bit as -rwsr-xr-x but never explain why /bin/su need this permission... (4 Replies)
Hey guys,
Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.
However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by... (2 Replies)
Discussion started by: syncmaster
2 Replies
LEARN ABOUT OPENDARWIN
setegid
SETUID(2) BSD System Calls Manual SETUID(2)NAME
setuid, seteuid, setgid, setegid -- set user and group ID
SYNOPSIS
#include <sys/types.h>
#include <unistd.h>
int
setuid(uid_t uid);
int
seteuid(uid_t euid);
int
setgid(gid_t gid);
int
setegid(gid_t egid);
DESCRIPTION
The setuid() function sets the real and effective user IDs and the saved set-user-ID of the current process to the specified value. The
setuid() function is permitted if the effective user ID is that of the super user, or if the specified user ID is the same as the effective
user ID. If not, but the specified user ID is the same as the real user ID, setuid() will set the effective user ID to the real user ID.
The setgid() function sets the real and effective group IDs and the saved set-group-ID of the current process to the specified value. The
setgid() function is permitted if the effective user ID is that of the super user, or if the specified group ID is the same as the effective
group ID. If not, but the specified group ID is the same as the real group ID, setgid() will set the effective group ID to the real group
ID.
The seteuid() function (setegid()) sets the effective user ID (group ID) of the current process. The effective user ID may be set to the
value of the real user ID or the saved set-user-ID (see intro(2) and execve(2)); in this way, the effective user ID of a set-user-ID exe-
cutable may be toggled by switching to the real user ID, then re-enabled by reverting to the set-user-ID value. Similarly, the effective
group ID may be set to the value of the real group ID or the saved set-user-ID.
RETURN VALUES
Upon success, these functions return 0; otherwise -1 is returned.
If the user is not the super user, or the uid specified is not the real, effective ID, or saved ID, these functions return -1.
SEE ALSO getuid(2), getgid(2)STANDARDS
The setuid() and setgid() functions are compliant with the ISO/IEC 9945-1:1990 (``POSIX.1'') specification with _POSIX_SAVED_IDS defined,
with the extensions allowed in section B.4.2.2. The seteuid() and setegid() functions are extensions based on the POSIX concept of
_POSIX_SAVED_IDS, and have been proposed for a future revision of the standard.
4.2 Berkeley Distribution June 4, 1993 4.2 Berkeley Distribution