Visit Our UNIX and Linux User Community


Changing the user id or euid of the shell itself


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Changing the user id or euid of the shell itself
# 1  
Old 06-08-2011
Question Changing the user id or euid of the shell itself

Hi all,

Ok, bear with me on this one, I am a bit new to Unix and it might take me a little bit of time to articulate my question.

I know that every process has a user id and an effective user id. This seems to include the shell itself, because when I type 'ps', I see 'bash' listed as a process, and if I select the right options I can see that the uid and euid of 'bash' match my own uid.
user@tux:~$ ps -o "uid euid cmd"
UID EUID CMD
1000 1000 bash
1000 1000 ps -o uid euid cmd
user@tux:~$
I also know that you can user the 'su' command/script to create a new child shell with a different 'user' to the parent shell. Both the uid and euid of the new shell will be different to the old shell.

My question is, simply: is there any way of changing the effective user id of the shell you are in, instead of creating a subshell?
My (unlearned) gut feeling is that this should be possible, because I can write a 'C' program that changes its own euid 'on the run', and since c programs and shells are both processes, why shouldn't a shell be able to change its own euid (following a command from the user)?
I note that c's 'seteuid' function is called a 'system call', shouldn't it be even easier/more straightforward to make system calls straight from the shell?

Thanks in advance for any answers.

My reason for asking this question simply to deepen my understanding of unix.
# 2  
Old 06-08-2011
The guy that wrote the shell determines what system calls it invokes. It would be possible for the shell's author to give the shell's user access to any system call. Perl pretty much does this, but perl is not exactly a shell. But even if you wrote your own C program, you can't just change the euid of your own process... that would be terrible for security. The system calls that fiddle with the uid's only work as root. So the login process, which runs as root, can switch to your uid and then exec a shell. But you cannot switch back to root.

You can run an suid program like passwd to temporarily gain some limited root power. See: https://www.unix.com/tips-tutorials/1...rmissions.html for details on that.
# 3  
Old 06-08-2011
You might be interested in a cpl of commands...

Read up on the id and logname commands. They may prove useful in your investigations.
 

Previous Thread | Next Thread
Test Your Knowledge in Computers #445
Difficulty: Easy
Scientific Linux has been loaded onto systems at the International Space Station.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

User id who is changing the script.

can we know the user id who changed saved script in cron tab..:D (7 Replies)
Discussion started by: netdbaind
7 Replies

2. AIX

AIX How to run a Shell Script by changing the User

Hi All, Currently our application is running on the server having AIX 5.3 OS. What we intend to do is to run a shell script owned by another user and needs to be run as that particular user. I was trying to create a shell script using the su command before running the actual script (which... (4 Replies)
Discussion started by: acoomer
4 Replies

3. Solaris

rbac and execution attributes (uid and euid)

Hi all, I have a question to see if I understand the euid and uid attributes correctly for rbac (/etc/security/exec_attr): All: * Audit Control: /etc/init.d/audit euid=0, egid=3 /etc/security/bsmconv uid=0 /etc/security/bsmunconv uid=0 /usr/sbin/audit euid=0 /usr/sbin/auditconfig... (6 Replies)
Discussion started by: deadeyes
6 Replies

4. AIX

Changing User Characteristics

We use smitty to administer user accounts. Is it safe to make changes to the characteristics of a user while the user is logged in? Can I set "Is this user ACCOUNT LOCKED?" to true ? Can I set an expiration date on an account? Will this effect the user in anyway during their current... (1 Reply)
Discussion started by: andrewsc
1 Replies

5. Red Hat

euid and egid frpm proc

hi, can anyone tell me where can i find euid and egid from /proc file system in RHEL 4? i read stat file, but i got only uid and gid, and cudnot find any entry regarding euid and egid.please suggest... thanks, sanjay (2 Replies)
Discussion started by: sanjaykhuntia
2 Replies

6. Solaris

EUID set for all non-root users

We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies

7. UNIX for Dummies Questions & Answers

To:blowtorch - Setuid uid/euid issue

Hi, Its a shell script. rws by root, r_s by group named "other" and r_x by all others. How can i set the uid from inside a setuid program. please let me know. Also I dont have a c compiler on the system. Thanks Reply With Quote (0 Replies)
Discussion started by: 0ktalmagik
0 Replies

8. AIX

changing user password

I have 02 servers: - Linux RHEL AS 3 (server1) - AIX 5.2 (server2) Running the command rsh server2 passwd derje from the server1 to change derje user password on server2, give me this error: 3004-709 Error while changing the password for "derje" Can somebody help me ? (0 Replies)
Discussion started by: mayge
0 Replies

9. UNIX for Advanced & Expert Users

Changing permissions of a user

So I need to change the permissions of my user account. I can access the root account on the server, but don't know how to change the permissions of my user account. I was advised to try 'userconf' to see if I am part of a group, but I dunno how that works. ANyone who knows how to see the... (3 Replies)
Discussion started by: achink125
3 Replies

10. Cybersecurity

Changing effective user

I would like to give execution rights for a script to one user. (that's the easy part...) When that user is running the script, I would like the effective user ID to be that of the file-owner. Is this possible? (6 Replies)
Discussion started by: hilmel
6 Replies

Featured Tech Videos