* setuid funciton
@ 2007-12-25 19:12 Cihan Kömeçoğlu
2007-12-26 3:28 ` Glynn Clements
0 siblings, 1 reply; 3+ messages in thread
From: Cihan Kömeçoğlu @ 2007-12-25 19:12 UTC (permalink / raw)
To: linux-c-programming
Hello everybody
I have written simple code about usage of setuid. this program file set-user-id bit is on and this process after exec when I execute this program, effective user id and saved-user-id bit will be program-file's user id. this correct?
But the last output when I set uid to 80(www) ,effective user id wasn't 80. Why not? saved set user id is still 80? What is the problem?
I compiled below code with gcc and I set-user-id bit and change own file with this command
Code:
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
int main(void)
{
printf("Real UID\t= %d\n", getuid());
printf("Effective UID\t= %d\n", geteuid());
printf("Real GID\t= %d\n", getgid());
printf("Effective GID\t= %d\n", getegid());
setuid(1001);
printf("Real UID\t= %d\n", getuid());
printf("Effective UID\t= %d\n", geteuid());
printf("Real GID\t= %d\n", getgid());
printf("Effective GID\t= %d\n", getegid());
setuid(80);
printf("Real UID\t= %d\n", getuid());
printf("Effective UID\t= %d\n", geteuid());
printf("Real GID\t= %d\n", getgid());
printf("Effective GID\t= %d\n", getegid());
return EXIT_SUCCESS;
}gcc setuid-simple.c -o setuid-simple
#[root] chown www setuid-simple
#[root] chmod 4755 setuid-simple
and output with ls command
-rwsr-xr-x 1 www wheel 5708 23 Ara 11:41 setuid-simple
this is program's output:
Quote:
Real UID = 1001
Effective UID = 80
Real GID = 0
Effective GID = 0
/*setuid(1001)*/
Real UID = 1001
Effective UID = 1001
Real GID = 0
Effective GID = 0
/*setuid(80)*/
Real UID = 1001
Effective UID = 1001
Real GID = 0
Effective GID = 0
--
Cihan Kömeçoðlu,
EnderUNIX SDT mailto:cihan@enderunix.org
-
To unsubscribe from this list: send the line "unsubscribe linux-c-programming" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: setuid funciton
2007-12-25 19:12 setuid funciton Cihan Kömeçoğlu
@ 2007-12-26 3:28 ` Glynn Clements
2007-12-26 23:48 ` Re[2]: " Cihan Kömeçoğlu
0 siblings, 1 reply; 3+ messages in thread
From: Glynn Clements @ 2007-12-26 3:28 UTC (permalink / raw)
To: Cihan Kömeçoğlu; +Cc: linux-c-programming
Cihan Kömeçoğlu wrote:
> Hello everybody
>
> I have written simple code about usage of setuid. this program file
> set-user-id bit is on and this process after exec when I execute this
> program, effective user id and saved-user-id bit will be
> program-file's user id. this correct?
>
> But the last output when I set uid to 80(www) ,effective user id
> wasn't 80. Why not? saved set user id is still 80? What is the
> problem?
>
>
> I compiled below code with gcc and I set-user-id bit and change own
> file with this command
[snip]
It works for me; I get:
Real UID = 1001
Effective UID = 80
Real UID = 1001
Effective UID = 1001
Real UID = 1001
Effective UID = 80
This is with a 2.6.17.13 kernel, compiled from stock sources (no
vendor patches).
If you are using a kernel with additional security features (e.g.
SELinux, AppArmor etc), it may impose additional restrictions on
setuid(). You could try using setreuid() to swap the real and
effective UIDs, rather than relying upon the saved UID.
--
Glynn Clements <glynn@gclements.plus.com>
-
To unsubscribe from this list: send the line "unsubscribe linux-c-programming" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re[2]: setuid funciton
2007-12-26 3:28 ` Glynn Clements
@ 2007-12-26 23:48 ` Cihan Kömeçoğlu
0 siblings, 0 replies; 3+ messages in thread
From: Cihan Kömeçoğlu @ 2007-12-26 23:48 UTC (permalink / raw)
To: Glynn Clements; +Cc: linux-c-programming
I understand. Thanks for your answer
I try this code under Freebsd 6.2
and dont give me this output
Wednesday, December 26, 2007, 5:28:08 AM, you wrote:
> Cihan Kömeçoľlu wrote:
>> Hello everybody
>>
>> I have written simple code about usage of setuid. this program file
>> set-user-id bit is on and this process after exec when I execute this
>> program, effective user id and saved-user-id bit will be
>> program-file's user id. this correct?
>>
>> But the last output when I set uid to 80(www) ,effective user id
>> wasn't 80. Why not? saved set user id is still 80? What is the
>> problem?
>>
>>
>> I compiled below code with gcc and I set-user-id bit and change own
>> file with this command
> [snip]
> It works for me; I get:
> Real UID = 1001
> Effective UID = 80
> Real UID = 1001
> Effective UID = 1001
> Real UID = 1001
> Effective UID = 80
> This is with a 2.6.17.13 kernel, compiled from stock sources (no
> vendor patches).
> If you are using a kernel with additional security features (e.g.
> SELinux, AppArmor etc), it may impose additional restrictions on
> setuid(). You could try using setreuid() to swap the real and
> effective UIDs, rather than relying upon the saved UID.
--
Cihan Kömeçoðlu,
EnderUNIX SDT mailto:cihan@enderunix.org
-
To unsubscribe from this list: send the line "unsubscribe linux-c-programming" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2007-12-26 23:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-12-25 19:12 setuid funciton Cihan Kömeçoğlu
2007-12-26 3:28 ` Glynn Clements
2007-12-26 23:48 ` Re[2]: " Cihan Kömeçoğlu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).