11-30-2011
Quote:
Originally Posted by
kkalyan
Can anyone explain me difference between setuid and sticky bit?
It's the same bit. It just has different meanings in different places.
I don't think it means anything for an ordinary file.
For an executable file, it runs the program as the file's owner -- it sets the UID with the setuid() call,, hence you sometimes hear it called "setuid bit". setuid doesn't work for shell scripts.
For a library file, it means 'remember the contents of this file in swap space', a performance tweak to keep busy libraries closer to memory. Many systems don't honor this anymore.
For directories, it means "only a file's owner is allowed to delete files in this directory". The usual behavior is that anyone with write-permissions can delete files.
Quote:
and also between setuid and chown?
setuid is a flag. chown is a program.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have a questions, whose answer may be very obvious:
Of what use is the sticky-bit permission on a Unix system?
I have looked at the chmod(1) man page on our HP-UX playground
system, and haven't been given much explanation:
Add or delete the save-text-image-on-file-
execution (sticky... (3 Replies)
Discussion started by: LivinFree
3 Replies
2. UNIX for Dummies Questions & Answers
I have a script that I want to be able to let user 'wcs1234' execute it, but when it runs, it will do so under the higher authority of 'cdunix'. It is my understanding that I accomplish this with a sticky bit. I have tried every variation of this but am unable to get this to work.
my script is... (2 Replies)
Discussion started by: hedrict
2 Replies
3. UNIX for Advanced & Expert Users
I have a binary. It is having the following permissions
rws rws rwx mqm:mqm runmqtrm
The same program on another machine is
rws rws rwx root: mqm runmqtrm
This program is a setuid program.
This is what my understanding is. Whatever user the program is started under, it will finally be... (0 Replies)
Discussion started by: bandaru
0 Replies
4. UNIX for Dummies Questions & Answers
I have the sticky bit set on my /tmp directory, but users are still able to remove files that are not owned by them. Does the /etc/group file get invloved in securing these files ?? (1 Reply)
Discussion started by: rob11g
1 Replies
5. Shell Programming and Scripting
Hi frns,
What is command to list out all dir's for which sticky bit has been set.
Regards,
Manu (2 Replies)
Discussion started by: manu.vmr
2 Replies
6. UNIX for Dummies Questions & Answers
Hi ,
I am having file permision as
drwxrwsr_x
I kwo for deleting a file in the diretory i need w permsion as well ..
Say if i am having the permsion as
drwxrwsrwx - wil any one can delete the files in the directory ..
And one more question what is the s doing there ..... (2 Replies)
Discussion started by: arunkumar_mca
2 Replies
7. UNIX for Dummies Questions & Answers
HI
What is sticky bit?
how can be see if the sticky bit for file is set?
WHat is meaning of sticky bit set on Directory?
What is the syntax to set the sticky bit? With example
Thanks (10 Replies)
Discussion started by: skyineyes
10 Replies
8. Shell Programming and Scripting
I want a file I create to not be deletable by other users so I created a sticky bit by chmod 1644 on the file. chown'd it to root and then tried to delete (via GUI drag to trash and empty) as a non root user and it let me. is sticky bit only good for terminal deletes or something? (4 Replies)
Discussion started by: glev2005
4 Replies
9. AIX
as far as i understand, if sticky bit is set on a directory, the files created under tht directory cannot be deleted by ordinary user...
but we can do ths by permission itself,,, tht's assign only read permission to tht dirrectory
wht 's the difference? (1 Reply)
Discussion started by: udtyuvaraj
1 Replies
10. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT DEBIAN
setuid
SETUID(1) General Commands Manual SETUID(1)
NAME
setuid - run a command with a different uid.
SYNOPSIS
setuid username|uid command [ args ]
DESCRIPTION
Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password
when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find
the command in the path, and execute it. (If the command is a script, execvp() passes the command name to /bin/sh for processing.)
For example,
setuid some_user $SHELL
can be used to start a shell running as another user.
Setuid is useful inside scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
execute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be
used in a non-root mode inside a super script. For example, an operator with permission to modify a certain protected_file could use a
super command that simply does:
cp protected_file temp_file
setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
cp temp_file protected_file
(Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a
temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected
file.)
AUTHOR
Will Deich
local SETUID(1)