Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setuid usage
Top Forums Shell Programming and Scripting Setuid usage Post 303026504 by Ralph on Wednesday 28th of November 2018 05:23:18 PM
Old 11-28-2018
Worked like a charm:

Code:
#include <stdio.h>
#include <stdlib.h>

int main( int argc, char **argv ) { 

   FILE* fp = fopen( "/hi" , "w" );
   fprintf( fp, "%s\n", "hi there" );
   fclose ( fp );
   exit(1);
}

And then:

Code:
$ gcc hi.c
$ mv a.out sayHi
$ sudo chown root sayHi
$ sudo chgrp root sayHi
$ sudo chmod u+s sayHi
$ ls -l sayHi
-rwsr-xr-x 1 root root 8256 Nov 29 06:04 sayHi
$ ./sayHi
$ ls -l /hi
-rw-r--r-- 1 root pi 9 Nov 29 06:06 /hi
$ cat /hi
hi there
$

Alles klar.

------ Post updated at 10:23 PM ------

Quote:
Originally Posted by Don Cragun
You still haven't told us what operating system you're using...

Some operating systems NEVER allow shell scripts to be run set-uid.

Some operating systems NEVER allow a running program to be overwritten.

Some operating systems only allow shells specified in a system file to be used to run set-uid scripts.

All of the above are possible reasons why what you're trying might not work on an unspecified operating system.
I wasn't sure what information was relevant. Originally I thought a shell script could be used to experiment but apparently not.
I'm using Bash v4.4 on a Raspberry Pi running Raspbian, a Debian based Linux distribution. And Bash v4.4 on Kali Linux (Stretch), also Debian based.

I'm actually not trying to overwrite a running program. It may have looked like that because originally I tried to write the string "hello" into a file with filename "hello" and the script was also named hello. My apologies for the confusion.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

setuid

I have a C wrapper programme which basically execute a shell script. The shell script has 700 as permission and oracle is owner of the shell script. The C execuatble has 4711 permission so that means that it has setuid bit set and group and others can execute the C executable. The reason why I am... (2 Replies)
Discussion started by: sanjay92
2 Replies

2. UNIX for Dummies Questions & Answers

Using setuid and setgid

Hi, I have been looking at setuid and setgid. I understand that setuid determines who owns the file and setgid determines which group of people can access the file... yeah?! But i need to know how to actually use setuid and setgid. I'm guessing chmod will feature somewhere.. Any help... (1 Reply)
Discussion started by: crispy
1 Replies

3. UNIX for Advanced & Expert Users

cc, setuid, and LD_LIBRARY_PATH

Hi, This question deals with Solaris 2.8 and setuid programs. From research I've done so far, setuid programs ignore LD_LIBRARY_PATH; I've proven this and am OK with it. The thing I am not certain of how the C compiler is supposed to behave when it is invoked via a setuid program. Basically,... (0 Replies)
Discussion started by: WolfBoy
0 Replies

4. UNIX for Dummies Questions & Answers

setuid

could u plz give me clear idea of spcial permissions setuid,getuid and striky bit . (1 Reply)
Discussion started by: Prem
1 Replies

5. HP-UX

how can I find cpu usage memory usage swap usage and logical volume usage

how can I find cpu usage memory usage swap usage and I want to know CPU usage above X% and contiue Y times and memory usage above X % and contiue Y times my final destination is monitor process logical volume usage above X % and number of Logical voluage above can I not to... (3 Replies)
Discussion started by: alert0919
3 Replies

6. Solaris

setuid and guid

Hi All, Can someone give me some info about setuid or guid topic? Also about sticky bit. Thanks in advance, itik (9 Replies)
Discussion started by: itik
9 Replies

7. AIX

How to monitor the IBM AIX server for I/O usage,memory usage,CPU usage,network..?

How to monitor the IBM AIX server for I/O usage, memory usage, CPU usage, network usage, storage usage? (3 Replies)
Discussion started by: laknar
3 Replies

8. Solaris

Need help with setuid.

Hi Gurus, I need your suggestions,to implement setuid. Here is the situation. I have a user xyz on a solaris zone.He needs to install a package using a pkgadd command but i guess only a root can run that .Is there any way I can set the setuid bit on the pkgadd which is in the location... (6 Replies)
Discussion started by: rama krishna
6 Replies

9. UNIX for Dummies Questions & Answers

Restricting Usage of Setuid Programs to the Admin User In MacOsx

This is a quote from the Apple security configuration (you can download it from Apple) " Using ACLs to Restrict Usage of Setuid Programs The ACL feature of Mac OS X can also be used to restrict the execution of setuid programs. Restricting the execution of setuid programs to administrators... (3 Replies)
Discussion started by: Vera
3 Replies

10. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

LEARN ABOUT POSIX

pidof

PIDOF(8)						Linux System Administrator's Manual						  PIDOF(8)

NAME

       pidof -- find the process ID of a running program.

SYNOPSIS

       pidof [-s] [-c] [-n] [-x] [-o omitpid[,omitpid..]]  [-o omitpid[,omitpid..]..]  program [program..]

DESCRIPTION

       Pidof  finds  the  process  id's (pids) of the named programs. It prints those id's on the standard output. This program is on some systems
       used in run-level change scripts, especially when the system has a System-V like rc structure. In that case these scripts  are  located	in
       /etc/rc?.d, where ? is the runlevel. If the system has a start-stop-daemon (8) program that should be used instead.

OPTIONS

       -s     Single shot - this instructs the program to only return one pid.

       -c     Only  return  process ids that are running with the same root directory.	This option is ignored for non-root users, as they will be
	      unable to check the current root directory of processes they do not own.

       -n     Avoid stat(2) system function call on all binaries which are located on network based file systems like NFS.  Instead of using  this
	      option the the variable PIDOF_NETFS may be set and exported.

       -x     Scripts too - this causes the program to also return process id's of shells running the named scripts.

       -o omitpid
	      Tells  pidof  to omit processes with that process id. The special pid %PPID can be used to name the parent process of the pidof pro-
	      gram, in other words the calling shell or shell script.

EXIT STATUS

       0      At least one program was found with the requested name.

       1      No program was found with the requested name.

NOTES

       pidof is actually the same program as killall5; the program behaves according to the name under which it is called.

       When pidof is invoked with a full pathname to the program it should find the pid of, it is reasonably safe. Otherwise it is  possible  that
       it  returns  pids  of  running programs that happen to have the same name as the program you're after but are actually other programs. Note
       that that the executable name of running processes is calculated with readlink(2), so symbolic links to executables will also match.

SEE ALSO

       shutdown(8), init(8), halt(8), reboot(8), killall5(8)

AUTHOR

       Miquel van Smoorenburg, miquels@cistron.nl

								    01 Sep 1998 							  PIDOF(8)
All times are GMT -4. The time now is 08:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy