Quote:
Originally Posted by
Corona688
It's not a file option. It's a file system option, which applies to any file in the entire partition.
Hold on; I was talking about the set-user-id permission flag.
You mean the ST_NOSUID, which you are right is a system option.
Anyway, the strange bevaior here is, in my opinion another one:
I'm claiming that the executable B file is a normal exe file with no set-uid bit.
When the process A (which do has the suid bit set) is execd by the shell, it comes up with a real user id of 502 (user2=502 is the user issuing the command), and an effective-user-id of 501 (user1=501 is the A's owner). That's expected behavior, since A is a set-uid executable and therefore the effective user id has changed, as expected.
But -here comes the weird stuff- when A execs B, the effective-user-id is turned into the real user id, even if B is a normal executable file without suid. It still sounds odd to me.
Maybe there's something I miss. Apologize if everything is clear for you.
\c
---------- Post updated 10-11-11 at 12:50 AM ---------- Previous update was 09-11-11 at 04:09 PM ----------
Good morning
In Italy we say "la notte porta consiglio".
I figured out the problem is the shell.
The exec family has many different functions. I chose the bad one.
If the shell is used (and it is with execl), you lose privileges, since sh doesn't preserve it by design, maybe for avoiding malicious trojan horses.
Anyway, using execv solves the problem: the effective-user-id is preserved across process invocations.
Thanks to you all anyway.
May this be usefull in the future for you as well.
I'm pretty sure I'll forget it tomorrow...
Bye
\c