|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Create a program illustrating SUID
Post 302788005 by Don Cragun on Sunday 31st of March 2013 09:00:20 PM
03-31-2013
|
|
10 More Discussions You Might Find Interesting
1. Programming
Aloha,
I'm attempting to use a C program to create directories and then use a system call to have another program write .dat files into that directory. I understand that I could use the "system("mkdir directory_name")" function however, I would like my program to create a new directory each time... (3 Replies)
Discussion started by: aloha_boi
3 Replies
2. Programming
Hi ,
I want to create a new user using c program not with unix adduser command .
is it possible to write a cprogram to create a new user account , it should accept username , grouid , group name and all other privilages .
i can use system calls inside c program to do this .
i will... (5 Replies)
Discussion started by: naren_chella
5 Replies
3. Programming
I have a function in a c program that I want to to share with other programs.
How do I create a lib using the cc compiler ? (9 Replies)
Discussion started by: npires
9 Replies
4. Programming
I could not recall the function in C to generate diff type of sounds.
Can somebody help me out. (2 Replies)
Discussion started by: bishweshwar
2 Replies
5. Shell Programming and Scripting
Hi Guru,s/Geek,s
I need help to create RPM names from rpms.
Example :
a2ps-4.14-6.fc10.i386
perl-Email-Find-0.10-2.fc10.noarch
directfb-1.2.7-2.fc10.i386
libid3tag-0.15.1b-7.fc10.i386
apr-util-1.3.7-1.fc10.i386
libquicktime-1.0.3-4.fc10.i386
The Desired Output is :
a2ps... (2 Replies)
Discussion started by: anand.linux1984
2 Replies
6. Homework & Coursework Questions
I need help program in C... :create a program that runs two processes linked oven (1 Reply)
Discussion started by: gizmo16
1 Replies
7. AIX
I am in process of writing a library which can make any application of my product capable of creating core in the application's log folder with a product friendly core file name programatically. In my library I am registering for certain signals e.g. SIGILL, SIGFPE, SIGBUS, SIGSEGV, SIGSYS, SIGABRT... (1 Reply)
Discussion started by: rajeev_ks
1 Replies
8. Solaris
I am in process of writing a library which can make any application of my product capable of creating core in the application's log folder with a product friendly core file name programatically. In my library I am registering for certain signals e.g. SIGILL, SIGFPE, SIGBUS, SIGSEGV, SIGSYS, SIGABRT... (5 Replies)
Discussion started by: rajeev_ks
5 Replies
9. UNIX for Dummies Questions & Answers
Hey guys,
Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.
However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by... (2 Replies)
Discussion started by: syncmaster
2 Replies
10. UNIX for Dummies Questions & Answers
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
LEARN ABOUT SUSE
chown
CHOWN(3P) POSIX Programmer's Manual CHOWN(3P) PROLOG
This manual page is part of the POSIX Programmer's Manual. The Linux implementation of this interface may differ (consult the correspond- ing Linux manual page for details of Linux behavior), or the interface may not be implemented on Linux. NAME
chown - change owner and group of a file SYNOPSIS
#include <unistd.h> int chown(const char *path, uid_t owner, gid_t group); DESCRIPTION
The chown() function shall change the user and group ownership of a file. The path argument points to a pathname naming a file. The user ID and group ID of the named file shall be set to the numeric values con- tained in owner and group, respectively. Only processes with an effective user ID equal to the user ID of the file or with appropriate privileges may change the ownership of a file. If _POSIX_CHOWN_RESTRICTED is in effect for path: * Changing the user ID is restricted to processes with appropriate privileges. * Changing the group ID is permitted to a process with an effective user ID equal to the user ID of the file, but without appropriate privileges, if and only if owner is equal to the file's user ID or ( uid_t)-1 and group is equal either to the calling process' effec- tive group ID or to one of its supplementary group IDs. If the specified file is a regular file, one or more of the S_IXUSR, S_IXGRP, or S_IXOTH bits of the file mode are set, and the process does not have appropriate privileges, the set-user-ID (S_ISUID) and set-group-ID (S_ISGID) bits of the file mode shall be cleared upon suc- cessful return from chown(). If the specified file is a regular file, one or more of the S_IXUSR, S_IXGRP, or S_IXOTH bits of the file mode are set, and the process has appropriate privileges, it is implementation-defined whether the set-user-ID and set-group-ID bits are altered. If the chown() function is successfully invoked on a file that is not a regular file and one or more of the S_IXUSR, S_IXGRP, or S_IXOTH bits of the file mode are set, the set-user-ID and set-group-ID bits may be cleared. If owner or group is specified as ( uid_t)-1 or ( gid_t)-1, respectively, the corresponding ID of the file shall not be changed. If both owner and group are -1, the times need not be updated. Upon successful completion, chown() shall mark for update the st_ctime field of the file. RETURN VALUE
Upon successful completion, 0 shall be returned; otherwise, -1 shall be returned and errno set to indicate the error. If -1 is returned, no changes are made in the user ID and group ID of the file. ERRORS
The chown() function shall fail if: EACCES Search permission is denied on a component of the path prefix. ELOOP A loop exists in symbolic links encountered during resolution of the path argument. ENAMETOOLONG The length of the path argument exceeds {PATH_MAX} or a pathname component is longer than {NAME_MAX}. ENOTDIR A component of the path prefix is not a directory. ENOENT A component of path does not name an existing file or path is an empty string. EPERM The effective user ID does not match the owner of the file, or the calling process does not have appropriate privileges and _POSIX_CHOWN_RESTRICTED indicates that such privilege is required. EROFS The named file resides on a read-only file system. The chown() function may fail if: EIO An I/O error occurred while reading or writing to the file system. EINTR The chown() function was interrupted by a signal which was caught. EINVAL The owner or group ID supplied is not a value supported by the implementation. ELOOP More than {SYMLOOP_MAX} symbolic links were encountered during resolution of the path argument. ENAMETOOLONG As a result of encountering a symbolic link in resolution of the path argument, the length of the substituted pathname string exceeded {PATH_MAX}. The following sections are informative. EXAMPLES
None. APPLICATION USAGE
Although chown() can be used on some implementations by the file owner to change the owner and group to any desired values, the only porta- ble use of this function is to change the group of a file to the effective GID of the calling process or to a member of its group set. RATIONALE
System III and System V allow a user to give away files; that is, the owner of a file may change its user ID to anything. This is a serious problem for implementations that are intended to meet government security regulations. Version 7 and 4.3 BSD permit only the superuser to change the user ID of a file. Some government agencies (usually not ones concerned directly with security) find this limitation too confin- ing. This volume of IEEE Std 1003.1-2001 uses may to permit secure implementations while not disallowing System V. System III and System V allow the owner of a file to change the group ID to anything. Version 7 permits only the superuser to change the group ID of a file. 4.3 BSD permits the owner to change the group ID of a file to its effective group ID or to any of the groups in the list of supplementary group IDs, but to no others. The POSIX.1-1990 standard requires that the chown() function invoked by a non-appropriate privileged process clear the S_ISGID and the S_ISUID bits for regular files, and permits them to be cleared for other types of files. This is so that changes in accessibility do not accidentally cause files to become security holes. Unfortunately, requiring these bits to be cleared on non-executable data files also clears the mandatory file locking bit (shared with S_ISGID), which is an extension on many implementations (it first appeared in System V). These bits should only be required to be cleared on regular files that have one or more of their execute bits set. FUTURE DIRECTIONS
None. SEE ALSO
chmod(), pathconf(), the Base Definitions volume of IEEE Std 1003.1-2001, <sys/types.h>, <unistd.h> COPYRIGHT
Portions of this text are reprinted and reproduced in electronic form from IEEE Std 1003.1, 2003 Edition, Standard for Information Technol- ogy -- Portable Operating System Interface (POSIX), The Open Group Base Specifications Issue 6, Copyright (C) 2001-2003 by the Institute of Electrical and Electronics Engineers, Inc and The Open Group. In the event of any discrepancy between this version and the original IEEE and The Open Group Standard, the original IEEE and The Open Group Standard is the referee document. The original Standard can be obtained online at http://www.opengroup.org/unix/online.html . IEEE
/The Open Group 2003 CHOWN(3P)