07-14-2003
I doubt that I can explain it as well as Rich Stevens. But here is a brief and over-simplified description.
Let's say that you sign on as "lethefe". The login program will look up lethefe in /etc/passwd to get your uid, which we will say is 1000. So the login program sets the real, effective, and saved uid to be 1000.
This affects any processes that you run. For example you will not be able to write to /etc/passwd because you do not have permission.
So you want to change your password. To do that, you will run the passwd program. The passwd program has the setuid bit set. That causes the exec() system call to set the effective and saved uids to the owner of /usr/bin/passwd. The real uid is still 1000.
While the passwd program is running, it can write to /etc/passwd. So now you can change your password. But if you try to change, say, joeblow's password, it won't let you. The passwd program can look at your real uid and decide what you should be allowed to do.
The reason that the passwd program can write to the passwd file is that the effective uid is root.
So while you are running a suid program, your real uid is you. Your saved uid is whoever owned the program. The effective uid will start out also set to whoever owned the program. The program can switch the effective uid back and forth between the real and saved uids. This lets it decide which set of permissions it wants.
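The back-and-forth switch of the effective uid described in the post, as an added C example that is not part of the original post. The helper names (`may_change_entry`, `drop_to_real`, `regain_owner`, `round_trip`) are hypothetical; the switch is only visible when the compiled binary is owned by another uid and has the setuid bit set, otherwise all uids are already equal and every call is a no-op that still succeeds.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Policy check in the style the post describes for passwd: decide from the
 * REAL uid (who invoked us), never from the effective uid (whose rights we hold). */
int may_change_entry(uid_t target)
{
    uid_t ruid = getuid();
    return ruid == 0 || ruid == target;
}

/* Set the effective uid to the real uid. seteuid() leaves the saved uid
 * untouched, so the owner's rights can be taken back later. */
int drop_to_real(void)
{
    if (seteuid(getuid()) != 0)
        return -1;
    return geteuid() == getuid() ? 0 : -1;   /* verify, don't assume */
}

/* Set the effective uid back to the file owner held in the saved uid. */
int regain_owner(uid_t owner)
{
    if (seteuid(owner) != 0)
        return -1;
    return geteuid() == owner ? 0 : -1;
}

/* One round trip: run unprivileged, raise only around the privileged step. */
int round_trip(void)
{
    uid_t owner = geteuid();   /* right after exec(): effective == saved == owner */

    if (drop_to_real() != 0)
        return -1;
    printf("dropped : real=%ld effective=%ld\n", (long)getuid(), (long)geteuid());
    if (regain_owner(owner) != 0)
        return -1;
    printf("regained: real=%ld effective=%ld\n", (long)getuid(), (long)geteuid());
    /* ... the write to the protected file would go here ... */
    return drop_to_real();     /* finish unprivileged */
}

int main(void)
{
    printf("start   : real=%ld effective=%ld\n", (long)getuid(), (long)geteuid());
    printf("may change own entry: %d\n", may_change_entry(getuid()));
    return round_trip() == 0 ? 0 : 1;
}
```

The example uses `seteuid()` rather than `setuid()` because `setuid()` called while the effective uid is root sets the real, effective and saved uids together, which cannot be undone.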
LEARN ABOUT REDHAT
hesiod_getpwnam
HESIOD(3) Library Functions Manual HESIOD(3)
NAME
hesiod_getpwnam, hesiod_getpwuid, hesiod_free_passwd - Hesiod functions for retrieving passwd information
SYNOPSIS
#include <hesiod.h>
struct passwd *hesiod_getpwnam(void *context, const char *name)
struct passwd *hesiod_getpwuid(void *context, uid_t uid)
void hesiod_free_passwd(void *context, struct passwd *pw)
cc file.c -lhesiod
DESCRIPTION
This family of functions allows you to retrieve passwd database information using Hesiod. To perform lookups, you need an initialized Hesiod
context; see hesiod(3) for details. You may look up passwd information by name or by uid; information is returned in the same format
as by getpwnam or getpwuid. It is the caller's responsibility to call hesiod_free_passwd with the returned passwd entry to free the
resources used by the passwd entry.
Hesiod queries for passwd information are made using the ``passwd'' or ``uid'' Hesiod type, using either the username or the decimal
representation of the uid as the Hesiod name. The corresponding records should be a colon-separated list of fields giving the username,
encrypted password, uid, gid, GECOS information, home directory, and shell of the user.
RETURN VALUES
On failure, hesiod_getpwnam and hesiod_getpwuid return NULL and set the global variable errno to indicate the error.
ERRORS
These calls may fail for any of the reasons the routine hesiod_resolve may fail.
SEE ALSO
hesiod(3)
30 November 1996 HESIOD(3)