Stack Overflow
Stack Overflow

Questions tagged [setuid]

`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.

254 questions
9
votes
2 answers

"Operation not permitted" while dropping privileges using setuid() function

Why this simple programs that use os.setuid()/gid() fails? Is written in python but I think that is not a language relative problem (at the end are all the same posix system call): import os, pwd if os.getenv("SUDO_UID") and os.getenv("SUDO_GID"): …
Emilio
  • 3,901
  • 11
  • 44
  • 50
9
votes
2 answers

Change UID/GID only of one thread in Linux

Is there a way to change UID/GID only of one thread in a multithreaded process? The reason for this is writing a file-serving application - the ACL's and quota are not enforced unless the uid/gid of the caller is set to the correct user, new…
ondra
  • 9,122
  • 1
  • 25
  • 34
8
votes
3 answers

setuid on an executable doesn't seem to work

I wrote a small C utility called killSPR to kill the following processes on my RHEL box. The idea is for anyone who logs into this linux box to be able to use this utility to kill the below mentioned processes (which doesn't work - explained below).…
pmn
  • 187
  • 1
  • 1
  • 10
7
votes
3 answers

correct way to run setuid programs in C

I have a process with permissions 4750. Two users exist in my Linux system. The root user and the appz user. The process inherits the permissions of a process manager that runs as "appz" user. I have two basic routines: void do_root (void) { …
cateof
  • 6,608
  • 25
  • 79
  • 153
7
votes
1 answer

How to set permissions recursively, 700 for folders and 600 for files, without using find

I'm trying to figure out a way to set permissions recursively 700 for dirs and subdirs on a specific path and 600 for files. I would use these commands: find /path -type d -print0 | xargs -0 chmod 700 find /path -type f -print0 | xargs -0 chmod…
Ichundu
  • 173
  • 1
  • 10
7
votes
1 answer

Why do my setuid root bash shell scripts not work?

I created this simple script to allow the user to remove files created by the web server in his home directory without giving him "su". Both scripts are set with "chmod 4750". The craziest thing is that they DID work and now they don't. Here's the…
Bob
  • 71
  • 1
  • 1
  • 3
7
votes
1 answer

Why ptrace doesn't attach to process after setuid?

I have a problem with my Linux daemon program. It starts with root privileges, does some configuration, then permanently drops privileges by switching to some user and group and continues working. The switch to the non-privileged user is done like…
user3232765
  • 171
  • 1
  • 6
7
votes
2 answers

Program can't load after setting the setuid bit on

Consider this scenario in which an executable A.bin uses libY.so and libZ.so. A.c, Y.c and Z.c are all written in C. Z.c and Y.c are compiled into respective .so files. This is the directory structure of the…
Saradhi
  • 477
  • 6
  • 13
6
votes
1 answer

security issue with set-uid and a relative path for INTERP (dynamic linker) in ELF

The combination of set-uid and a relative path in the INTERP section of an ELF binary is very dangerous. I'm not quite sure how and where this problem should be reported, but it seems to me like a general security issue concerning how dynamic…
siddhadev
  • 16,501
  • 2
  • 28
  • 35
6
votes
5 answers

"Operation not permitted" on using os.setuid( ) [python]

I'm trying to build a platform to launch some scripts. This scripts are placed in home folder of each user. Every launch should be done with each user id so, I'm doing, for each user, this: user_id = pwd.getpwnam( user )[ 3 ] user_home =…
carlesh
  • 537
  • 1
  • 4
  • 17
6
votes
1 answer

Mac App Store app with elevated privileges

I have a question regarding the Mac App Store. I am planning to release a software with admin privileges to achieve its core functionality, but according to Apple - 2.27 - Apps that request escalation to root privileges or use setuid attributes…
koo
  • 2,888
  • 1
  • 23
  • 29
6
votes
1 answer

Is SetGID/SetUID on a Go[lang] binary safe?

I've written a simple go program using YAML and the MySQL drivers with the intention of providing a simple utility to update a database without exposing the username and password credentials to the user executing the program. (I'm well aware that I…
Jim Dennis
  • 17,054
  • 13
  • 68
  • 116
6
votes
2 answers

setuid equivalent for non-root users

Does Linux have some C interface similar to setuid, which allows a program to switch to a different user using e.g. the username/password? The problem with setuid is that it can only be used by superusers. I am running a simple web service which…
Jeroen Ooms
  • 31,998
  • 35
  • 134
  • 207
6
votes
1 answer

setgid() fails - operation not permitted

I created a setuid program in C. The executable looks like this: -r-s-r-s--- 1 root users 13073 Jun 15 21:56 server I execute the program as userA/users and try to set the uid/gid to userB/otherUsers. setgid() fails with Operation not permitted.…
multiholle
  • 3,050
  • 8
  • 41
  • 60
5
votes
1 answer

Execute commands as root without root password or sudo

I understand the implications of running a script as root, especially by a web application. However as part of my web application, I need to use curl with tor and this needs resetting the tor ip occasionally. tor can get a new ip when the service is…
Joel G Mathew
  • 7,561
  • 15
  • 54
  • 86
1
2
3
16 17