9 More Discussions You Might Find Interesting
1. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
2. Solaris
Hi Gurus,
I need your suggestions,to implement setuid.
Here is the situation. I have a user xyz on a solaris zone.He needs to install a package using a pkgadd command but i guess only a root can run that .Is there any way I can set the setuid bit on the pkgadd which is in the location... (6 Replies)
Discussion started by: rama krishna
6 Replies
3. UNIX for Dummies Questions & Answers
Hi all,
Ok, bear with me on this one, I am a bit new to Unix and it might take me a little bit of time to articulate my question.
I know that every process has a user id and an effective user id. This seems to include the shell itself, because when I type 'ps', I see 'bash' listed as a... (2 Replies)
Discussion started by: oddthingy
2 Replies
4. Solaris
Hi all,
I have a question to see if I understand the euid and uid attributes correctly for rbac (/etc/security/exec_attr):
All:
*
Audit Control:
/etc/init.d/audit euid=0, egid=3
/etc/security/bsmconv uid=0
/etc/security/bsmunconv uid=0
/usr/sbin/audit euid=0
/usr/sbin/auditconfig... (6 Replies)
Discussion started by: deadeyes
6 Replies
5. Red Hat
hi, can anyone tell me where can i find euid and egid from /proc file system in RHEL 4? i read stat file, but i got only uid and gid, and cudnot find any entry regarding euid and egid.please suggest...
thanks,
sanjay (2 Replies)
Discussion started by: sanjaykhuntia
2 Replies
6. Solaris
We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies
7. UNIX for Dummies Questions & Answers
could u plz give me clear idea of spcial permissions setuid,getuid and striky bit . (1 Reply)
Discussion started by: Prem
1 Replies
8. UNIX for Advanced & Expert Users
Hi,
I have a program with the following suid setup
-rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server
It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above.
But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies
9. UNIX for Advanced & Expert Users
I have a C wrapper programme which basically execute a shell script. The shell script has 700 as permission and oracle is owner of the shell script.
The C execuatble has 4711 permission so that means that it has setuid bit set and group and others can execute the C executable.
The reason why I am... (2 Replies)
Discussion started by: sanjay92
2 Replies
setuid(2) System Calls Manual setuid(2)
NAME
setuid(), setgid() - set user and group IDs
SYNOPSIS
DESCRIPTION
sets the real-user-ID (ruid), effective-user-ID (euid), and/or saved-user-ID (suid) of the calling process. If the Security Containment
product is installed, these interfaces treat a process observing as a privileged process. Otherwise, only processes with an euid of zero
are treated as privileged processes. See privileges(5) for more information on Security Containment and fine-grained privileges.
The following conditions govern setuid's behavior:
o If the process is privileged, sets the ruid, euid, and suid to uid.
o If the process is not privileged and the argument uid is equal to the ruid or the suid, sets the euid to uid; the ruid and suid
remain unchanged. (If a set-user-ID program is not running as superuser, it can change its euid to match its ruid and reset
itself to the previous euid value.)
o If the process is not privileged, the argument uid is equal to the euid, and the calling process has the privilege, sets the ruid
to uid; the euid and suid remain unchanged.
sets the real-group-ID (rgid), effective-group-ID (egid), and/or saved-group-ID (sgid) of the calling process. The following conditions
govern behavior:
o If the process is privileged, sets the rgid and egid to gid.
o If the process is not privileged and the argument gid is equal to the rgid or the sgid, sets the egid to gid; the rgid and sgid
remain unchanged.
o If the process is not privileged, the argument gid is equal to the egid, and the calling process has the privilege, sets the rgid
to gid; the egid and sgid remain unchanged.
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration.
See privileges(5) for more information about privileged access on systems that support fine-grained privileges.
RETURN VALUE
Upon successful completion, and return 0; otherwise, they return -1 and set to indicate the error.
ERRORS
and fail and return -1 if any of the following conditions are encountered:
None of the conditions above are met.
uid (gid) is not a valid user (group) ID.
WARNINGS
It is recommended that the capability be avoided, as it is provided for backward compatibility. This feature may be modified or dropped
from future HP-UX releases. When changing the real user ID and real group ID, use of and (see setresuid(2)) is recommended instead.
AUTHOR
was developed by AT&T, the University of California, Berkeley, and HP.
was developed by AT&T.
SEE ALSO
exec(2), getuid(2), setresuid(2), privileges(5).
STANDARDS CONFORMANCE
setuid(2)
