1

I have a very simple program:

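#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>

/* Print an error message and exit with a failure status. */
void error(const char *msg) {
    /* Pass msg as an argument, never as the format string. */
    fprintf(stderr, "%s\n", msg);
    exit(-1);
}

int main(int argc, char **argv) {
    uid_t ruid, euid, suid;

    /* Fetch the real, effective, and saved set-user-ID of this process. */
    if (getresuid(&ruid, &euid, &suid) < 0)
        error("Error getting process uids");

    /* uid_t is unsigned, so cast before printing. */
    printf("%ld %ld %ld\n", (long)ruid, (long)euid, (long)suid);
    return 0;
}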

Compiled as follows:

gcc -o print print.c

It's owned by root, and has the setuid bit set:

-rwsrwxr-x 1 root root 8648 Oct 8 20:10 ./print*

However when I run it, I get the following permissions:

1000 1000 1000

So the real, effective, and saved set-uid permissions are all me (1000) and not root. Has anyone run into this? Any advice?

dimo

2 Answers

1

OK, figured it out. The issue was that the binary was living on an encrypted file system (moving it to /tmp, for example, fixes it). It's worth noting that in mount the encrypted file system doesn't show nosuid.

dimo
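A diagnostic for the situation in this answer, as an added example that is not part of the original post: it checks three conditions under which the kernel ignores a set-user-ID bit at exec time (bit not set, file system mounted nosuid, no_new_privs set on the process), reading the mount flag through statvfs() rather than from mount output. The function and flag names are made up for the example, and the page does not confirm what the poster's encrypted file system would have reported here.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#include <unistd.h>

/* Hypothetical flag names for this example: reasons a setuid bit is ignored. */
enum { NO_SUID_BIT = 1, FS_NOSUID = 2, NO_NEW_PRIVS = 4, CHECK_FAILED = 8 };

/* Decision logic only: file mode, mount flags, and the no_new_privs value. */
int suid_blockers(mode_t mode, unsigned long fs_flags, int no_new_privs)
{
    int why = 0;
    if (!(mode & S_ISUID))
        why |= NO_SUID_BIT;   /* chmod u+s was never applied (or was cleared) */
    if (fs_flags & ST_NOSUID)
        why |= FS_NOSUID;     /* mount ignores set-user-ID bits */
    if (no_new_privs == 1)
        why |= NO_NEW_PRIVS;  /* process may not gain privileges via execve */
    return why;
}

/* Gather the inputs for one path from the kernel and evaluate them. */
int check_path(const char *path)
{
    struct stat st;
    struct statvfs vfs;
    if (stat(path, &st) < 0 || statvfs(path, &vfs) < 0)
        return CHECK_FAILED;
    return suid_blockers(st.st_mode, vfs.f_flag,
                         prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0));
}

int main(int argc, char **argv)
{
    uid_t r, e, s;
    int why = check_path(argc > 1 ? argv[1] : "/proc/self/exe");
    if (getresuid(&r, &e, &s) < 0)
        return 1;
    printf("ruid=%ld euid=%ld suid=%ld\n", (long)r, (long)e, (long)s);
    printf("setuid bit missing: %d, nosuid mount: %d, no_new_privs: %d\n",
           !!(why & NO_SUID_BIT), !!(why & FS_NOSUID), !!(why & NO_NEW_PRIVS));
    return why == CHECK_FAILED ? 1 : 0;
}
```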
-1

Do you execute the code as root?

In your description, you said you ran it (not that root ran it). If so, getresuid() is expected to return "your" UID, e.g., the calling process's UID.

I ran the program on my "Ubuntu" machine (but actually the dist doesn't matter since it's a syscall) and got the expected results. When I executed as root, I got "0 0 0" and when I executed as "myself", I got "1000 1000 1000".

  • I would expect that the last number there should be 0, not 1000. That is, the saved suid should be 0. – dimo Oct 09 '14 at 05:00
  • You are right. How did you make sure you have the setuid bit set? I change the mode to u+s and get the results "1000, 0, 0" – Tianyin Xu Oct 09 '14 at 17:24