UNIX for Dummies Questions & Answers

Hello all.
Despite the exec man page, the exec system call seems to turn my effective-user-id into my real-user-id.

I coded and compiled 2 very simple c programs as user 1 (uid=501)
The first one (A) prints real and effective user IDs and then execs the second one (B), which in turn prints its IDs.
I then added the set-user-id bit to A's permissions:
chmod ug+s A
Didn't change B at all.
Finally user 2 (uid=502) launched A.

Here is the output:
[user2@grmdcis06 tmp]$ ./A
UID GID
Real 502 Real 502
Effective 501 Effective 500
Executing command...
UID GID
Real 502 Real 502
Effective 502 Effective 502

As it turns out, the effective user id gets changed by the exec.

A:

Code:

#include <stdio.h>
#include <stdlib.h>
int main ()
{
  printf(
        "         UID           GID  \n"
        "Real      %d  Real      %d  \n"
        "Effective %d  Effective %d  \n",
        getuid (),     getgid (),
        geteuid(),     getegid()
        );
  printf ("Executing command...\n");
  execl ("./B", NULL);
}

B:

Code:

#include <stdio.h>
#include <stdlib.h>
int main ()
{
  printf(
        "         UID           GID  \n"
        "Real      %d  Real      %d  \n"
        "Effective %d  Effective %d  \n",
        getuid (),     getgid (),
        geteuid(),     getegid()
        );
  return 0;
}

Any tip for avoiding this?

Thank you in advance

cesare

What system is this?

This is expected behavior -- From the the POSIX standard:

I think this applies to your problem, is your system POSIX-compliant?

Hi guys.
Thanks to both of you.

@corona688 The system is a CentOS.
[cesare@grmdcis06 tmp]$ uname -a
Linux grmdcis06.netikos.com 2.6.9-78.ELsmp #1 SMP Fri Jul 25 00:04:28 EDT 2008 i686 i686 i386 GNU/Linux

@jim
I had read that part; sorry, but I still can't understand.
Why do you say it is expected behavior. The exec'd file (the B) has no set-user-id-flag set. The effective user id shouldn't be affected at all. Am I missing something? :?

Thanks

\c

It's not a file option. It's a file system option, which applies to any file in the entire partition.

No. I'm saying that is expected behavior for POSIX compliant systems. CentOS does not claim to be fully POSIX-compliant.

It is a mix of of open-source components mostly from linux distributions. The code has been modified and then incorporated into the CentOS distibution.

The behavior you have is not compliant as far as I can see.

Hold on; I was talking about the set-user-id permission flag.
You mean the ST_NOSUID, which you are right is a system option.

Anyway, the strange bevaior here is, in my opinion another one:
I'm claiming that the executable B file is a normal exe file with no set-uid bit.
When the process A (which do has the suid bit set) is execd by the shell, it comes up with a real user id of 502 (user2=502 is the user issuing the command), and an effective-user-id of 501 (user1=501 is the A's owner). That's expected behavior, since A is a set-uid executable and therefore the effective user id has changed, as expected.
But -here comes the weird stuff- when A execs B, the effective-user-id is turned into the real user id, even if B is a normal executable file without suid. It still sounds odd to me.

Maybe there's something I miss. Apologize if everything is clear for you.

\c

---------- Post updated 10-11-11 at 12:50 AM ---------- Previous update was 09-11-11 at 04:09 PM ----------

Good morning
In Italy we say "la notte porta consiglio".

I figured out the problem is the shell.
The exec family has many different functions. I chose the bad one.
If the shell is used (and it is with execl), you lose privileges, since sh doesn't preserve it by design, maybe for avoiding malicious trojan horses.
Anyway, using execv solves the problem: the effective-user-id is preserved across process invocations.

Thanks to you all anyway.

May this be usefull in the future for you as well.
I'm pretty sure I'll forget it tomorrow...

Bye

\c