02-23-2012
Please explain setuid bit clearly!
Dear all,
I am newbie with linux, i dont understand any code. I have googled a long time. Please help me explain about setuid bit on linux (Centos 6)
Here:
1/ I chmod u+s for /sbin/iptables but normal user still cannot perform command (ex: /sbin/iptables -L)
2/Someone says : setuid only set on binaries not scripts. But i dont know a way to determine this.
With file /sbin/iptables, it is a script or bin ?
with file /bin/ping, it is a script or bin ( because this file has setuid)
Thanks all,
Sorry for my English.
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have a binary. It is having the following permissions
rws rws rwx mqm:mqm runmqtrm
The same program on another machine is
rws rws rwx root: mqm runmqtrm
This program is a setuid program.
This is what my understanding is. Whatever user the program is started under, it will finally be... (0 Replies)
Discussion started by: bandaru
0 Replies
2. Programming
Hello,
If i have 2 strings str1 and str2, i would like to copy/concatenate str2 to str1, from 1st bit leaving the 0th bit.
How do i do it? (2 Replies)
Discussion started by: jazz
2 Replies
3. Programming
hi all,
i have a critical and specific problem with respect to set uid bit on user and the dll's
for a binary, (under the userid A)
it needs libraries from /usr/lib and informix libraries from $INFORMIXDIR/lib/esql
but this binary should be kicked off from id B,
hence s-bit on user is... (5 Replies)
Discussion started by: matrixmadhan
5 Replies
4. HP-UX
hi i have written small script which will login 2 two different users with su but if we run from normal user it prompts for password so
i chnaged the owner of script to root and added setuid bit
with
chmod u+s <script_name>
but when i run the script i get following message
Warning:... (3 Replies)
Discussion started by: zedex
3 Replies
5. Red Hat
Hi,
OS : Linux
I have an executable (P1) owned by user say "abcd" and the setuid bit is set. And there is another executable (P2) which brings up the process (P1).
When the setuid bit is set, the process P1 is failing, if the setuid bit is not set there is no issue.
I was wondering if... (6 Replies)
Discussion started by: ahamed101
6 Replies
6. UNIX for Dummies Questions & Answers
Can anyone explain me difference between setuid and sticky bit? and also between setuid and chown? (3 Replies)
Discussion started by: kkalyan
3 Replies
7. Shell Programming and Scripting
Hi,
Here is the issue. From the program snippet I have Base: 0x1800000000, Size: 0x3FFE7FFFFFFFF which are of 40 and 56 bits. SO I used use bignum to do the math but summing them up I always failed having correct result.
perl interpreter info,
perl, v5.8.8 built for... (0 Replies)
Discussion started by: rrd1986
0 Replies
8. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT LINUX
ip6tables-apply
IPTABLES-APPLY(8) iptables 1.6.1 IPTABLES-APPLY(8)
NAME
iptables-apply - a safer way to update iptables remotely
SYNOPSIS
iptables-apply [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]}
DESCRIPTION
iptables-apply will try to apply a new rulesfile (as output by iptables-save, read by iptables-restore) or run a command to configure
iptables and then prompt the user whether the changes are okay. If the new iptables rules cut the existing connection, the user will not be
able to answer affirmatively. In this case, the script rolls back to the previous working iptables rules after the timeout expires.
Successfully applied rules can also be written to savefile and later used to roll back to this state. This can be used to implement a store
last good configuration mechanism when experimenting with an iptables setup script: iptables-apply -w /etc/network/iptables.up.rules -c
/etc/network/iptables.up.run
When called as ip6tables-apply, the script will use ip6tables-save/-restore and IPv6 default values instead. Default value for rulesfile is
'/etc/network/iptables.up.rules'.
OPTIONS
-t seconds, --timeout seconds
Sets the timeout in seconds after which the script will roll back to the previous ruleset (default: 10).
-w savefile, --write savefile
Specify the savefile where successfully applied rules will be written to (default if empty string is given:
/etc/network/iptables.up.rules).
-c runcmd, --command runcmd
Run command runcmd to configure iptables instead of applying a rulesfile (default: /etc/network/iptables.up.run).
-h, --help
Display usage information.
-V, --version
Display version information.
SEE ALSO
iptables-restore(8), iptables-save(8), iptables(8).
LEGALESE
Original iptables-apply - Copyright 2006 Martin F. Krafft <madduck@madduck.net>. Version 1.1 - Copyright 2010 GW <gw.2010@tnode.com or
http://gw.tnode.com/>.
This manual page was written by Martin F. Krafft <madduck@madduck.net> and extended by GW <gw.2010@tnode.com or http://gw.tnode.com/>.
Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0.
iptables 1.6.1 IPTABLES-APPLY(8)