`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.
Questions tagged [setuid]
254 questions
1
vote
2 answers
can't get setuid bit to work on Ubuntu 14.04
I have a very simple program:
#define _GNU_SOURCE
#include
#include
#include
void error(char *msg) {
printf(msg);
exit(-1);
}
int main(int argc, char **argv) {
uid_t ruid, euid, suid;
if (getresuid(&ruid,…
dimo
- 53
- 5
1
vote
1 answer
setegid() in a suid-root binary in C
Good evening,
I am trying to write a suid-root binary in C and I have stumbled across the following problem:
I execute it as a non-privileged user user1 and I am able to use setuid/seteuid to change to any user id I want. The problem is that I can't…
DaKnOb
- 577
- 4
- 17
1
vote
2 answers
Default user for files and directories created in bash under sudo
I'm writing a bash script that creates directories and copy files under Mac OSX. Some of these directories and files need to be placed in folders owned by the system such as /Library/Audio/Plug-Ins, and so I run the script under sudo. Such script…
Periodic Maintenance
- 1,698
- 4
- 20
- 32
1
vote
3 answers
Oracle Enterprise Manager Error - NMO setuid (root)
I've been trying for days to fix the "Connection to host as user SYSDBA failed.ERROR: NMO not setuid-root (Unix-only)".
All, without exception, of the blogs I visited, say that in order to fix the issue, it's only needed to run the root.sh script as…
user3041770
- 13
- 1
- 2
- 5
1
vote
4 answers
how to get back to original status/user after setuid()?
I have a program to run as root, and during execution this program will do a few things as different uers, so I wanted to use a serial of setuid()s. But, I found that, after setuid(user1), I become user1 and thus don't have the privilege to do…
Wang Tuma
- 893
- 5
- 14
- 24
1
vote
0 answers
Set some capabilities in linux process then drop superuser privileges?
In a C program, I have to deal with RLIMIT_NPROC and RLIMIT_NOFILE limits and additionally bind to a port less than 1024. I am thinking to run this under an unprivileged user since my program needs only two capabilities.
I saw here that I can set…
Akaks
- 461
- 3
- 21
1
vote
1 answer
How can I retrieve my process's saved uid?
In POSIX, there are the well-known functions getuid() and geteuid() for fetching the real and effective uid of the process. However, it is often useful to check the saved uid also (on platforms supporting POSIX saved uids, which is every current…
Nicholas Wilson
- 9,435
- 1
- 41
- 80
1
vote
0 answers
What's the standard paradigm for exec'ing after dropping root?
In code like this in a daemon:
// run as root, after initgroups(...), setgid(...)
setuid(user);
const char* args[] = {"./userbinary",0};
execv("userbinary", args);
_exit(1);
there's an obvious problem where the user can attach to the process…
Nicholas Wilson
- 9,435
- 1
- 41
- 80
1
vote
1 answer
Function seteuid() called from set-root-id program works but shows error msg
I compiled this sample set-root-id program:
#define _GNU_SOURCE
#include
#include
#include
#include
#include
#include
void print_ids()
{
uid_t ruid,…
Antonio Rizzo
- 748
- 1
- 8
- 17
1
vote
2 answers
setuid(0) gives EPERM on Mac OS X 10.9
when executing this:
err = setuid(0);
if (err < 0) {
fprintf(stderr, "return value: %d \n", err);
fprintf(stderr, "error code: %d \n", errno);
}
I am getting this output:
return value: -1
error code: 1
Error code 1 implies an EPERM…
Ali Maisam
- 239
- 1
- 3
- 15
1
vote
1 answer
Linux group scheduling for user not being applied to setuid-ed process
On the 2.6.28-11 Linux kernel, I am using setpriority to bias the amount of cpu time different user processes receive. User 1 is to receive double the CPU power of user 2. Using Linux's setpriority, I have assigned user 2 a lower priority (higher in…
BrainCore
- 5,214
- 4
- 33
- 38
1
vote
1 answer
Why doesn't setting the SUID bit in OpenBSD set effective and saved UIDs to executable file owner?
I am using a fresh install of OpenBSD 5.3 as a guest OS on Parallels for Mac:
$ uname -a
OpenBSD openbsd.localdomain 5.3 GENERIC#53 amd64
To my surprise, a binary file owned by root with its SUID bit set runs with UIDs as if the SUID was not set.…
mdittmer
- 534
- 3
- 9
1
vote
2 answers
Purpose of issetugid?
According to the man pages for issetugid, the call is supposed to either (1) alert to uid/gid changes; or (2) alert to a possible tainted environment. The function name suggests a third purpose.
First question: what is it purpose?
When I look at the…
jww
- 97,681
- 90
- 411
- 885
1
vote
0 answers
How to use stapdev and stapusr groups for SystemTap?
I have tried to add myself to stapdev and stapusr in order to run stap without sudo. I'm trying to run a simple example but getting an error as such:
$ groups
gokce adm cdrom sudo dip plugdev lpadmin sambashare stapdev stapusr
$ cat hello.stp
probe…
none
- 11,793
- 9
- 51
- 87
1
vote
2 answers
C set executable permissions through Makefile
I am using a Makefile to compile my C program and want to make the executable setuid. How can I set the permissions using the Makefile?
user1190650
- 3,207
- 6
- 27
- 34