Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Difference between inbuilt suid programs and user defined root suid programs under bash shell?
Top Forums UNIX for Dummies Questions & Answers Difference between inbuilt suid programs and user defined root suid programs under bash shell? Post 302955665 by syncmaster on Sunday 20th of September 2015 10:44:21 AM
Old 09-20-2015
Difference between inbuilt suid programs and user defined root suid programs under bash shell?
Hey guys,

Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.

However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by comparing uid and euid within the program which turned out to be the same. However, in zsh shell, it runs with root privileges

My question is : Why does an inbuilt program like suid is able to run with root privileges in bash shell while a user defined suid root program is not ?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

what is suid ?

what is SUID ? can someone explain or point me to a link ? thanks simon2000 (2 Replies)
Discussion started by: simon2000
2 Replies

2. UNIX for Advanced & Expert Users

is SUID disabled for shell

Hi, I have two file in my directory. "catter" file contains "cat ./file". And "file" contails "Hi ashish". I have SUID bit set for catter file. But when a different user in my group runs file catter, shell displays "Permission denied" message. I just want to know can use of suid bit be... (3 Replies)
Discussion started by: shriashishpatil
3 Replies

3. UNIX for Advanced & Expert Users

SUID not working

Hi Senario: I have previleges to edit a file F but User B does not have sufficient privs to edit it. In order for B to edit it I tried an indirect way. I created a script to edit F and SUID this script so that B can execute it with the privs of me. But this is not working . can some one help... (3 Replies)
Discussion started by: Pankaj Mishra
3 Replies

4. UNIX for Advanced & Expert Users

running X-11 programs as root

Hello, I would like to run gedit as root while logged into my regular user account. When I try to launch gedit from the command line as super user, I get this message: Gtk-WARNING **: cannot open display: Any suggestions or word arounds? It would make my life a lot simpler to edit files... (8 Replies)
Discussion started by: Allasso
8 Replies

5. UNIX for Dummies Questions & Answers

Are programs like sys_open( ) ,sys_read( ) et al examples of system level programs ?

Are the programs written on schedulers ,thread library , process management, memory management, et al called systems programs ? How are they different from the programs that implement functions like open() , printf() , scanf() , read() .. they have a prefix sys_open, sys_close, sys_read etc , right... (1 Reply)
Discussion started by: vishwamitra
1 Replies

6. UNIX for Advanced & Expert Users

check user installed programs

How do check the programs that the actual user of the computer installed. I do not care at all about the default programs that came with your distro of Linux, I only want the user installed programs. (1 Reply)
Discussion started by: cokedude
1 Replies

7. Cybersecurity

the SUID of lpq

Hello My system is Debian-503-amd64. After I installed the "lpr" package, I found that some files with SUID bit come from this package. As: ls -l /usr/bin/lp* .... -rwsr-sr-x 1 root lp 31800 2008-05-20 /usr/bin/lpq -rwsr-sr-x 1 root lp 28504 2008-05-20 /usr/bin/lpr -rwsr-sr-x 1... (1 Reply)
Discussion started by: ZR_Lang
1 Replies

8. Debian

Create restricted user for programs

want to create a user account for each of the key programs installed on my debian server. For example, for the following programs: Tomcat Nginx Supervisor PostgreSQL This seems to be recommended based on my reading online. However, I want to restrict these user accounts as much as possible,... (3 Replies)
Discussion started by: Spadez
3 Replies

9. Shell Programming and Scripting

SUID works for shell scripts??

SUID works for shell scripts (bash)?? I'm user user1 need to execute a shell script (script.sh) which is owned by user2.-rwsrwxrwx 1 user2 aduser 3518 Aug 21 05:33 script.shOnly user2 has write privileges to write/copy a file in directory /dir1/subdir. Hence SUID bit permissions are set to... (8 Replies)
Discussion started by: MSK_1990
8 Replies

10. UNIX for Dummies Questions & Answers

Can you gain root privileges if the suid program does not belong to root?

I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way? I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies

LEARN ABOUT XFREE86

captest

CAPTEST:(8)						  System Administration Utilities					       CAPTEST:(8)

NAME

       captest - a program to demonstrate capabilities

SYNOPSIS

       captest [ --drop-all | --drop-caps | --id ] [ --lock ] [ --text ]

DESCRIPTION

       captest	is a program that demonstrates and prints out the current process capabilities. Each option prints the same report. It will output
       current capabilities. then it will try to access /etc/shadow directly to show if that can be done. Then it creates  a  child  process  that
       attempts to read /etc/shadow and outputs the results of that. Then it outputs the capabilities that a child process would have.

       You  can  also apply file system capabilities to this program to study how they work. For example, filecap /usr/bin/captest chown. Then run
       captest as a normal user. Another interesting test is to make captest suid root so that you can see what the interaction is between  root's
       credentials  and capabilities. For example, chmod 4755 /usr/bin/captest. When run as a normal user, the program will see if privilege esca-
       lation is possible. But do not leave this app setuid root after you are don testing so that an attacker cannot take advantage of it.

OPTIONS

       --drop-all
	      This drops all capabilities and clears the bounding set.

       --drop-caps
	      This drops just traditional capabilities.

       --id   This changes to uid and gid 99, drops supplemental groups, and clears the bounding set.

       --text This option outputs the effective capabilities in text rather than numerically.

       --lock This prevents the ability for child processes to regain privileges if the uid is 0.

SEE ALSO

       filecap(8), capabilities(7)

AUTHOR

       Steve Grubb

Red Hat 							     June 2009							       CAPTEST:(8)
All times are GMT -4. The time now is 01:54 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy