Red Hat

Hi,

OS : Linux

I have an executable (P1) owned by user say "abcd" and the setuid bit is set. And there is another executable (P2) which brings up the process (P1).

When the setuid bit is set, the process P1 is failing, if the setuid bit is not set there is no issue.

I was wondering if there is anything to do with the invoking process P2. P2 is owned by another user say "defg" and permissions are -r-xr-xr-w.

I found a thread something similar, not sure whether compiling and linking needs to be done separately.
setuid bit on user + dynamically linked libraries

Any suggestions would be of great help.

Thanks,
Ahamed

Set uid / grpid exec() turns of LD_LIBRARY_PATH so the program cannot be attacked by a bogus dynamic lib. Either it must be statically linked or compiled with lib path in -R.

what do you mean failing? please post the error. also provide details of what system your running on.

Hi frank,

By failing what I meant is, the process is not comping up. It tries to initiate but then dies after few seconds when the suid bit is set.

I am running MontaVista Linux.


regards,
Ahamed.

I think it turns off several critical env vars so it cannot be hacked, so even if it runs, children that expect an env may not.

Thank you for all the response. The issue was the env variable LD_LIBRARY_PATH.

Quoting from internet

For security reasons, LD_LIBRARY_PATH is ignored at runtime for executables that have their setuid or setgid bit set. This severely limits the usefulness of LD_LIBRARY_PATH.

The exit error code which I was getting : 127 unable to open shared object. When I did an strace I could see that, it was searching for the depedendent libraries on /usr/lib and not the ones present in LD_LIBRARY_PATH. So for testing I created a link from the actual library path to /usr/lib and it worked.

regards,
Ahamed.

Either that, or compile static libs, or use -R option to embed link paths.