Sponsored Content
Full Discussion: Setuid root and chown
Top Forums UNIX for Dummies Questions & Answers Setuid root and chown Post 68250 by reborg on Friday 1st of April 2005 07:52:34 PM
Old 04-01-2005
Quote:
Originally Posted by Just Ice
i actually just tested a quick script on solaris 9 with suid bit set and it does work ...
Code:
$ id
uid=1001(otto) gid=10(staff)
$ ls -l test
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$ cat test
#! /bin/ksh
chown otto joke
chmod 444 joke
ls -l joke
exit 0
$ ./test
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
$ ls -l
total 64
-r--r--r--   1 otto     other        568 Apr  1 17:36 joke
-rwsr-xr-x   1 root     other         61 Apr  1 19:05 test
$

But who was joke originally owned by?

Only kidding it did work for me too on Solaris 9, but I was pretty sure it shouldn't.

Last edited by reborg; 04-01-2005 at 08:57 PM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

setuid

I have a C wrapper programme which basically execute a shell script. The shell script has 700 as permission and oracle is owner of the shell script. The C execuatble has 4711 permission so that means that it has setuid bit set and group and others can execute the C executable. The reason why I am... (2 Replies)
Discussion started by: sanjay92
2 Replies

2. UNIX for Advanced & Expert Users

Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue

Hi, I have a program with the following suid setup -rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above. But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies

3. UNIX for Dummies Questions & Answers

setuid

could u plz give me clear idea of spcial permissions setuid,getuid and striky bit . (1 Reply)
Discussion started by: Prem
1 Replies

4. UNIX for Dummies Questions & Answers

chown -R under root directory

Hi I executed command "chown -R xxx:xxx /" with user root... and it was too late when I found the mistake. Ownership of some files under the root directory had already become xxx:xxx. Is there a way that can recovery the ownership of all my files back to the point where they were? I really thanks. (2 Replies)
Discussion started by: password636
2 Replies

5. AIX

sudo must be setuid root.

Guy's I'm trying to add some lines in sudo by useing this command visudo # User privilege specification root ALL=(ALL) ALL # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL # Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL #... (5 Replies)
Discussion started by: ITHelper
5 Replies

6. UNIX for Dummies Questions & Answers

chown: Operation not permitted as root

Hi Expert, I am trying to change ownership of one file to another user that is exist in the system but getting operation not permitted error what could be the correct way? # ls -lh .Xauthority_ori -rw------- 1 maxim atlas 2.8K Jul 27 17:18 .Xauthority_ori # id -a uid=0(root)... (8 Replies)
Discussion started by: regmaster
8 Replies

7. Solaris

Need help with setuid.

Hi Gurus, I need your suggestions,to implement setuid. Here is the situation. I have a user xyz on a solaris zone.He needs to install a package using a pkgadd command but i guess only a root can run that .Is there any way I can set the setuid bit on the pkgadd which is in the location... (6 Replies)
Discussion started by: rama krishna
6 Replies

8. Solaris

Migration of system having UFS root FS with zones root to ZFS root FS

Hi All After downloading ZFS documentation from oracle site, I am able to successfully migrate UFS root FS without zones to ZFS root FS. But in case of UFS root file system with zones , I am successfully able to migrate global zone to zfs root file system but zone are still in UFS root file... (2 Replies)
Discussion started by: sb200
2 Replies

9. Red Hat

Find and Chown all files in a DIR except for Root

RHEL 6.3 Could someone tell me how to use the find and chown command to replace all files in a directory owned by user1 (for this example) and replace with user1:group1? Most importantly I dont want to change any files owned by root. I recently used the following command but it changed the root... (4 Replies)
Discussion started by: gps1976
4 Replies

10. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies
CAPTEST:(8)						  System Administration Utilities					       CAPTEST:(8)

NAME
captest - a program to demonstrate capabilities SYNOPSIS
captest [ --drop-all | --drop-caps | --id ] [ --lock ] [ --text ] DESCRIPTION
captest is a program that demonstrates and prints out the current process capabilities. Each option prints the same report. It will output current capabilities. then it will try to access /etc/shadow directly to show if that can be done. Then it creates a child process that attempts to read /etc/shadow and outputs the results of that. Then it outputs the capabilities that a child process would have. You can also apply file system capabilities to this program to study how they work. For example, filecap /usr/bin/captest chown. Then run captest as a normal user. Another interesting test is to make captest suid root so that you can see what the interaction is between root's credentials and capabilities. For example, chmod 4755 /usr/bin/captest. When run as a normal user, the program will see if privilege esca- lation is possible. But do not leave this app setuid root after you are don testing so that an attacker cannot take advantage of it. OPTIONS
--drop-all This drops all capabilities and clears the bounding set. --drop-caps This drops just traditional capabilities. --id This changes to uid and gid 99, drops supplemental groups, and clears the bounding set. --text This option outputs the effective capabilities in text rather than numerically. --lock This prevents the ability for child processes to regain privileges if the uid is 0. SEE ALSO
filecap(8), capabilities(7) AUTHOR
Steve Grubb Red Hat June 2009 CAPTEST:(8)
All times are GMT -4. The time now is 08:30 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy