09-20-2015
Difference between inbuilt suid programs and user defined root suid programs under bash shell?
Hey guys,
Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.
However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by comparing uid and euid within the program which turned out to be the same. However, in zsh shell, it runs with root privileges
My question is : Why does an inbuilt program like suid is able to run with root privileges in bash shell while a user defined suid root program is not ?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
what is SUID ? can someone explain or point me to a link ?
thanks
simon2000 (2 Replies)
Discussion started by: simon2000
2 Replies
2. UNIX for Advanced & Expert Users
Hi,
I have two file in my directory. "catter" file contains "cat ./file". And "file" contails "Hi ashish". I have SUID bit set for catter file. But when a different user in my group runs file catter, shell displays "Permission denied" message.
I just want to know can use of suid bit be... (3 Replies)
Discussion started by: shriashishpatil
3 Replies
3. UNIX for Advanced & Expert Users
Hi
Senario: I have previleges to edit a file F but User B does not have sufficient privs to edit it.
In order for B to edit it I tried an indirect way. I created a script to edit F and SUID this script so that B can execute it with the privs of me. But this is not working . can some one help... (3 Replies)
Discussion started by: Pankaj Mishra
3 Replies
4. UNIX for Advanced & Expert Users
Hello,
I would like to run gedit as root while logged into my regular user account. When I try to launch gedit from the command line as super user, I get this message:
Gtk-WARNING **: cannot open display:
Any suggestions or word arounds? It would make my life a lot simpler to edit files... (8 Replies)
Discussion started by: Allasso
8 Replies
5. UNIX for Dummies Questions & Answers
Are the programs written on schedulers ,thread library , process management, memory management, et al called systems programs ? How are they different from the programs that implement functions like open() , printf() , scanf() , read() .. they have a prefix sys_open, sys_close, sys_read etc , right... (1 Reply)
Discussion started by: vishwamitra
1 Replies
6. UNIX for Advanced & Expert Users
How do check the programs that the actual user of the computer installed. I do not care at all about the default programs that came with your distro of Linux, I only want the user installed programs. (1 Reply)
Discussion started by: cokedude
1 Replies
7. Cybersecurity
Hello
My system is Debian-503-amd64. After I installed the "lpr" package, I found that some files with SUID bit come from this package. As:
ls -l /usr/bin/lp*
....
-rwsr-sr-x 1 root lp 31800 2008-05-20 /usr/bin/lpq
-rwsr-sr-x 1 root lp 28504 2008-05-20 /usr/bin/lpr
-rwsr-sr-x 1... (1 Reply)
Discussion started by: ZR_Lang
1 Replies
8. Debian
want to create a user account for each of the key programs installed on my debian server. For example, for the following programs:
Tomcat Nginx Supervisor PostgreSQL
This seems to be recommended based on my reading online. However, I want to restrict these user accounts as much as possible,... (3 Replies)
Discussion started by: Spadez
3 Replies
9. Shell Programming and Scripting
SUID works for shell scripts (bash)??
I'm user user1 need to execute a shell script (script.sh) which is owned by user2.-rwsrwxrwx 1 user2 aduser 3518 Aug 21 05:33 script.shOnly user2 has write privileges to write/copy a file in directory /dir1/subdir. Hence SUID bit permissions are set to... (8 Replies)
Discussion started by: MSK_1990
8 Replies
10. UNIX for Dummies Questions & Answers
I had a question in my test which asked where suppose user B has a program with 's' bit set. Can user A run this program and gain root privileges in any way?
I suppose not as the suid program run with privileges of owner and this program will run with B's privileges and not root. (1 Reply)
Discussion started by: syncmaster
1 Replies
LEARN ABOUT DEBIAN
logfetch
LOGFETCH(1) General Commands Manual LOGFETCH(1)
NAME
logfetch - Xymon client data collector
SYNOPSIS
logfetch CONFIGFILE STATUSFILE
DESCRIPTION
logfetch is part of the Xymon client. It is responsible for collecting data from logfiles, and other file-related data, which is then sent
to the Xymon server for analysis.
logfetch uses a configuration file, which is automatically retrieved from the Xymon server. There is no configuration done locally. The
configuration file is usually stored in the $BBHOME/tmp/logfetch.cfg file, but editing this file has no effect since it is re-written with
data from the Xymon server each time the client runs.
logfetch stores information about what parts of the monitored logfiles have been processed already in the $BBHOME/tmp/logfetch.status file.
This file is an internal file used by logfetch, and should not be edited. If deleted, it will be re-created automatically.
SECURITY
logfetch needs read access to the logfiles it should monitor. If you configure monitoring of files or directories through the "file:" and
"dir:" entries in client-local.cfg(5) then logfetch will require at least read-acces to the directory where the file is located. If you
request checksum calculation for a file, then it must be readable by the Xymon client user.
Do NOT install logfetch as suid-root. There is no way that logfetch can check whether the configuration file it uses has been tampered
with, so installing logfetch with suid-root privileges could allow an attacker to read any file on the system by using a hand-crafted con-
figuration file. In fact, logfetch will attempt to remove its own suid-root setup if it detects that it has been installed suid-root.
ENVIRONMENT VARIABLES
DU Command used to collect information about the size of directories. By default, this is the command du -k. If the local du-command
on the client does not recognize the "-k" option, you should set the DU environment variable in the $BBHOME/etc/hobbitclient.cfg
file to a command that does report directory sizes in kilobytes.
FILES
$BBHOME/tmp/logfetch.cfg
$BBHOME/tmp/logfetch.status
SEE ALSO
xymon(7), hobbit-clients.cfg(5)
Xymon Version 4.2.3: 4 Feb 2009 LOGFETCH(1)