Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: [Solved] effective user id upon exec
Top Forums UNIX for Dummies Questions & Answers [Solved] effective user id upon exec Post 302572332 by jim mcnamara on Wednesday 9th of November 2011 03:45:38 PM
Old 11-09-2011
No. I'm saying that is expected behavior for POSIX compliant systems. CentOS does not claim to be fully POSIX-compliant.

It is a mix of of open-source components mostly from linux distributions. The code has been modified and then incorporated into the CentOS distibution.

The behavior you have is not compliant as far as I can see.
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

Changing effective user

I would like to give execution rights for a script to one user. (that's the easy part...) When that user is running the script, I would like the effective user ID to be that of the file-owner. Is this possible? (6 Replies)
Discussion started by: hilmel
6 Replies

2. Shell Programming and Scripting

exec script as user on boot not root

Is there a way to change a process owned by root to be owned by another user. I am interested in finding out if there is a way to put a script in /etc/rc2.d that will start up automatically on reboot that will not be owned by root This is for security reasons.. The Service that runs on my server... (7 Replies)
Discussion started by: chipmunken
7 Replies

3. Shell Programming and Scripting

[Solved] Use of until loop for user confirmation

Below is my script that is using to rename the name of file .Here I am using two methods to pass the both arguments wih script name or run the script and give the input one by one.But my issue is I want to rename the name of the file if user select Y(y) then it should rename the file else select... (4 Replies)
Discussion started by: anuragpgtgerman
4 Replies

4. Shell Programming and Scripting

Script Variables Inquiry, Values Okay in Standalone Exec, No-Show in Cron Exec

I have the following bash script lines in a file named test.sh. #!/bin/bash # # Write Date to cron.log # echo "Begin SSI Load $(date +%d%b%y_%T)" # # Get the latest rates file for processing. # d=$(ls -tr /rms/data/ssi | grep -v "processed" | tail -n 1) filename=$d export filename... (3 Replies)
Discussion started by: ginowms
3 Replies

5. HP-UX

[Solved] mailx : unknown user issue

Hi all, I know this issues has been discussed multiple times, i have gone through many such discussion but unfortunately i am still not able to solve the issue being faced. I have configured the sendmail.cf with the smtp host name (Editing the entry starting with DS...) Post that restarted... (7 Replies)
Discussion started by: chpsam
7 Replies

6. UNIX for Dummies Questions & Answers

[Solved] weird in find -exec command

i feel weird with this 2 command find /tmp/*test* -user `whoami` -mtime +1 -type f -exec rm -f {}\; find /tmp/*test* -user `whoami` -mtime +1 -type f -exec ls -lrt {}\; the first one return correct which only delete those filename that consist *test* where second command it listed all the... (12 Replies)
Discussion started by: lsy
12 Replies

7. UNIX for Dummies Questions & Answers

[Solved] Loading user profile

I need some help on solaris, setting java path: $ PATH=/var/tmp/jdk1.5.0_22/jre/bin $ export PATH $ java -version I got the correct version for the application to run, which is: java version "1.5.0_22" Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_22-b03) Java... (7 Replies)
Discussion started by: fretagi
7 Replies

8. Shell Programming and Scripting

[solved] awk: placement of user-defined functions

Hi folks, is there any recommendation, especially from a point of performance, about where to place a user-defined function in awk, like in BEGIN{} or if it is only need once at the end in END{}? Or doesn't it matter at all since, awk is so clever and only interprets it once, wherever it is... (3 Replies)
Discussion started by: zaxxon
3 Replies

9. UNIX for Advanced & Expert Users

Regarding real example of user of semicolon(;) and + in find/exec command.

Hello All, Was recently working on an requirement where we have to search files more than a specific number, following is the example on same. Let's say file names are test_40000.txt,test_40001.txt and so on till test_99999.txt. Now requirement was to search from find command only those... (1 Reply)
Discussion started by: RavinderSingh13
1 Replies

10. Programming

Real, effective and saved user id in C program

I figured it out by now. (0 Replies)
Discussion started by: Ralph
0 Replies

LEARN ABOUT FREEBSD

setuid

SETUID(2)						      BSD System Calls Manual							 SETUID(2)

NAME

     setuid, seteuid, setgid, setegid -- set user and group ID

LIBRARY

     Standard C Library (libc, -lc)

SYNOPSIS

     #include <sys/types.h>
     #include <unistd.h>

     int
     setuid(uid_t uid);

     int
     seteuid(uid_t euid);

     int
     setgid(gid_t gid);

     int
     setegid(gid_t egid);

DESCRIPTION

     The setuid() system call sets the real and effective user IDs and the saved set-user-ID of the current process to the specified value.  The
     setuid() system call is permitted if the specified ID is equal to the real user ID or the effective user ID of the process, or if the effec-
     tive user ID is that of the super user.

     The setgid() system call sets the real and effective group IDs and the saved set-group-ID of the current process to the specified value.  The
     setgid() system call is permitted if the specified ID is equal to the real group ID or the effective group ID of the process, or if the
     effective user ID is that of the super user.

     The seteuid() system call (setegid()) sets the effective user ID (group ID) of the current process.  The effective user ID may be set to the
     value of the real user ID or the saved set-user-ID (see intro(2) and execve(2)); in this way, the effective user ID of a set-user-ID exe-
     cutable may be toggled by switching to the real user ID, then re-enabled by reverting to the set-user-ID value.  Similarly, the effective
     group ID may be set to the value of the real group ID or the saved set-group-ID.

RETURN VALUES

     Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variable errno is set to indicate the
     error.

ERRORS

     The system calls will fail if:

     [EPERM]		The user is not the super user and the ID specified is not the real, effective ID, or saved ID.

SEE ALSO

     getgid(2), getuid(2), issetugid(2), setregid(2), setreuid(2)

STANDARDS

     The setuid() and setgid() system calls are compliant with the ISO/IEC 9945-1:1990 (``POSIX.1'') specification with _POSIX_SAVED_IDS not
     defined with the permitted extensions from Appendix B.4.2.2.  The seteuid() and setegid() system calls are extensions based on the POSIX con-
     cept of _POSIX_SAVED_IDS, and have been proposed for a future revision of the standard.

HISTORY

     The setuid() and setgid() functions appeared in Version 7 AT&T UNIX.

SECURITY CONSIDERATIONS

     Read and write permissions to files are determined upon a call to open(2).  Once a file descriptor is open, dropping privilege does not
     affect the process's read/write permissions, even if the user ID specified has no read or write permissions to the file.  These files nor-
     mally remain open in any new process executed, resulting in a user being able to read or modify potentially sensitive data.

     To prevent these files from remaining open after an exec(3) call, be sure to set the close-on-exec flag:

     void
     pseudocode(void)
     {
	     int fd;
	     /* ... */

	     fd = open("/path/to/sensitive/data", O_RDWR);
	     if (fd == -1)
		     err(1, "open");

	     /*
	      * Set close-on-exec flag; see fcntl(2) for more information.
	      */
	     if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1)
		     err(1, "fcntl(F_SETFD)");
	     /* ... */
	     execve(path, argv, environ);
     }

BSD
								   June 4, 1993 							       BSD
All times are GMT -4. The time now is 07:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy