Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: [Solved] effective user id upon exec
Top Forums UNIX for Dummies Questions & Answers [Solved] effective user id upon exec Post 302572263 by oviv on Wednesday 9th of November 2011 12:26:11 PM
Old 11-09-2011
[Solved] effective user id upon exec
Hello all.
Despite the exec man page, the exec system call seems to turn my effective-user-id into my real-user-id.

I coded and compiled 2 very simple c programs as user 1 (uid=501)
The first one (A) prints real and effective user IDs and then execs the second one (B), which in turn prints its IDs.
I then added the set-user-id bit to A's permissions:
chmod ug+s A
Didn't change B at all.
Finally user 2 (uid=502) launched A.

Here is the output:
[user2@grmdcis06 tmp]$ ./A
UID GID
Real 502 Real 502
Effective 501 Effective 500
Executing command...
UID GID
Real 502 Real 502
Effective 502 Effective 502

As it turns out, the effective user id gets changed by the exec.

A:
Code:
#include <stdio.h>
#include <stdlib.h>
int main ()
{
  printf(
        "         UID           GID  \n"
        "Real      %d  Real      %d  \n"
        "Effective %d  Effective %d  \n",
        getuid (),     getgid (),
        geteuid(),     getegid()
        );
  printf ("Executing command...\n");
  execl ("./B", NULL);
}


B:
Code:
#include <stdio.h>
#include <stdlib.h>
int main ()
{
  printf(
        "         UID           GID  \n"
        "Real      %d  Real      %d  \n"
        "Effective %d  Effective %d  \n",
        getuid (),     getgid (),
        geteuid(),     getegid()
        );
  return 0;
}


Any tip for avoiding this?

Thank you in advance

cesare
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

Changing effective user

I would like to give execution rights for a script to one user. (that's the easy part...) When that user is running the script, I would like the effective user ID to be that of the file-owner. Is this possible? (6 Replies)
Discussion started by: hilmel
6 Replies

2. Shell Programming and Scripting

exec script as user on boot not root

Is there a way to change a process owned by root to be owned by another user. I am interested in finding out if there is a way to put a script in /etc/rc2.d that will start up automatically on reboot that will not be owned by root This is for security reasons.. The Service that runs on my server... (7 Replies)
Discussion started by: chipmunken
7 Replies

3. Shell Programming and Scripting

[Solved] Use of until loop for user confirmation

Below is my script that is using to rename the name of file .Here I am using two methods to pass the both arguments wih script name or run the script and give the input one by one.But my issue is I want to rename the name of the file if user select Y(y) then it should rename the file else select... (4 Replies)
Discussion started by: anuragpgtgerman
4 Replies

4. Shell Programming and Scripting

Script Variables Inquiry, Values Okay in Standalone Exec, No-Show in Cron Exec

I have the following bash script lines in a file named test.sh. #!/bin/bash # # Write Date to cron.log # echo "Begin SSI Load $(date +%d%b%y_%T)" # # Get the latest rates file for processing. # d=$(ls -tr /rms/data/ssi | grep -v "processed" | tail -n 1) filename=$d export filename... (3 Replies)
Discussion started by: ginowms
3 Replies

5. HP-UX

[Solved] mailx : unknown user issue

Hi all, I know this issues has been discussed multiple times, i have gone through many such discussion but unfortunately i am still not able to solve the issue being faced. I have configured the sendmail.cf with the smtp host name (Editing the entry starting with DS...) Post that restarted... (7 Replies)
Discussion started by: chpsam
7 Replies

6. UNIX for Dummies Questions & Answers

[Solved] weird in find -exec command

i feel weird with this 2 command find /tmp/*test* -user `whoami` -mtime +1 -type f -exec rm -f {}\; find /tmp/*test* -user `whoami` -mtime +1 -type f -exec ls -lrt {}\; the first one return correct which only delete those filename that consist *test* where second command it listed all the... (12 Replies)
Discussion started by: lsy
12 Replies

7. UNIX for Dummies Questions & Answers

[Solved] Loading user profile

I need some help on solaris, setting java path: $ PATH=/var/tmp/jdk1.5.0_22/jre/bin $ export PATH $ java -version I got the correct version for the application to run, which is: java version "1.5.0_22" Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_22-b03) Java... (7 Replies)
Discussion started by: fretagi
7 Replies

8. Shell Programming and Scripting

[solved] awk: placement of user-defined functions

Hi folks, is there any recommendation, especially from a point of performance, about where to place a user-defined function in awk, like in BEGIN{} or if it is only need once at the end in END{}? Or doesn't it matter at all since, awk is so clever and only interprets it once, wherever it is... (3 Replies)
Discussion started by: zaxxon
3 Replies

9. UNIX for Advanced & Expert Users

Regarding real example of user of semicolon(;) and + in find/exec command.

Hello All, Was recently working on an requirement where we have to search files more than a specific number, following is the example on same. Let's say file names are test_40000.txt,test_40001.txt and so on till test_99999.txt. Now requirement was to search from find command only those... (1 Reply)
Discussion started by: RavinderSingh13
1 Replies

10. Programming

Real, effective and saved user id in C program

I figured it out by now. (0 Replies)
Discussion started by: Ralph
0 Replies

LEARN ABOUT X11R4

setreuid

SETREUID(3P)                                                 POSIX Programmer's Manual                                                SETREUID(3P)

PROLOG

       This  manual page is part of the POSIX Programmer's Manual.  The Linux implementation of this interface may differ (consult the correspond-
       ing Linux manual page for details of Linux behavior), or the interface may not be implemented on Linux.

NAME

       setreuid - set real and effective user IDs

SYNOPSIS

       #include <unistd.h>

       int setreuid(uid_t ruid, uid_t euid);

DESCRIPTION

       The setreuid() function shall set the real and effective user IDs of the current process to the values specified by the ruid and euid argu-
       ments. If ruid or euid is -1, the corresponding effective or real user ID of the current process shall be left unchanged.

       A  process  with  appropriate privileges can set either ID to any value.  An unprivileged process can only set the effective user ID if the
       euid argument is equal to either the real, effective, or saved user ID of the process.

       It is unspecified whether a process without appropriate privileges is permitted to change the real user  ID  to  match  the  current  real,
       effective, or saved set-user-ID of the process.

RETURN VALUE

       Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned and errno set to indicate the error.

ERRORS

       The setreuid() function shall fail if:

       EINVAL The value of the ruid or euid argument is invalid or out-of-range.

       EPERM  The  current process does not have appropriate privileges, and either an attempt was made to change the effective user ID to a value
              other than the real user ID or the saved set-user-ID or an attempt was made to change the real user ID to a value not  permitted  by
              the implementation.

       The following sections are informative.

EXAMPLES

   Setting the Effective User ID to the Real User ID
       The  following  example sets the effective user ID of the calling process to the real user ID, so that files created later will be owned by
       the current user.

              #include <unistd.h>
              #include <sys/types.h>
              ...
              setreuid(getuid(), getuid());
              ...

APPLICATION USAGE

       None.

RATIONALE

       None.

FUTURE DIRECTIONS

       None.

SEE ALSO

       getegid(),  geteuid(),  getgid(),  getuid(),  setegid(),  seteuid(),  setgid(),  setregid(),  setuid(),  the  Base  Definitions  volume  of
       IEEE Std 1003.1-2001, <unistd.h>

COPYRIGHT

       Portions of this text are reprinted and reproduced in electronic form from IEEE Std 1003.1, 2003 Edition, Standard for Information Technol-
       ogy -- Portable Operating System Interface (POSIX), The Open Group Base Specifications Issue 6, Copyright (C) 2001-2003 by the Institute of
       Electrical  and  Electronics  Engineers, Inc and The Open Group. In the event of any discrepancy between this version and the original IEEE
       and The Open Group Standard, the original IEEE and The Open Group Standard is the referee document. The original Standard can  be  obtained
       online at http://www.opengroup.org/unix/online.html .

IEEE
/The Open Group                                                    2003                                                           SETREUID(3P)
All times are GMT -4. The time now is 02:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy