Stack Overflow
Stack Overflow

Questions tagged [setuid]

`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.

254 questions
5
votes
1 answer

Considerations for a setuid wrapper

A Python extension I've written requires root access to do a single hardware initialisation call. I'd rather not run the whole script as root just for this one call in my extension, so I would like to write a wrapper to do this initialisation before…
detly
  • 29,332
  • 18
  • 93
  • 152
5
votes
3 answers

Golang dropping privileges (v1.7)

I want to make a custom webserver via golang. It needs root to bind to port 80. However I want to drop root as soon as possible. syscall.SetUid() returns "Not supported" as per ticket #1435. I could always reroute port 80 to something else via…
user2089648
  • 1,356
  • 2
  • 17
  • 31
5
votes
1 answer

What do getresuid() and setresuid() do?

What do the functions getresuid(&arg1,&arg2,&arg3) and setresuid(arg1,arg2,arg3) do? It would be great if a really basic explanation of these functions were given.
Aswin G
  • 361
  • 3
  • 9
  • 18
5
votes
4 answers

What's the best way to perform system tasks from Ruby on Rails?

I am building a small system administration web application (think Web-Min, but in RoR) and I need to be able to access system parameters from my Ruby code. For instance, I want to allow the user to change the hostname, time zone, or network config…
Richard Hurt
  • 2,049
  • 24
  • 32
5
votes
1 answer

setuid/setgid wrapper for python script

I have a Python script that I wish to be able to be run as the system user guybrush with UID 200 and group guybrush with GID 200. At the moment my Python script (located in /path/to/script.py) looks like this: #!/usr/bin/env python2 import os print…
DanielGibbs
  • 9,910
  • 11
  • 76
  • 121
5
votes
3 answers

Can I setuid a perl script?

I made a perl script to change owner of a file owned by some other user. Script is complete. My administrator save that in /sbin directory and set uid for it using chmod u+s name_of_script. But when I run this script it gives me error that chown…
Sumit Rathore
  • 571
  • 2
  • 7
  • 19
5
votes
4 answers

running git 'post-receive' hook with setuid fails

I have a git repository that needs to run a post-receive hook as sudo. The binary that I compiled to test this looks like: #include #include #include int main() { int ret; ret = setuid(geteuid()); if(!ret)…
Blake Chambers
  • 505
  • 1
  • 5
  • 14
5
votes
1 answer

can I pass argv from main to execv?

The execv() function expects an array of NULL terminated strings but doesn't take the number of arguments. It uses a sentinel value (NULL pointer) to determine when the array ends. The man page for execv() states... The first argument, by…
eric.frederich
  • 1,598
  • 4
  • 17
  • 30
4
votes
1 answer

Linux effective, real, saved, filesystem UID manipulation in pseudocode

I have spent some time on a little code in Groovy to make Linux UID manipulation somewhat less confusing to myself and because the man pages are messy. The result is a TestCase which is meant to show what happens under the hood of the setuid,…
David Tonhofer
  • 41
  • 1
  • 2
4
votes
3 answers

Can an iPhone App Be Run as Root?

I am thinking about the design of an iPhone app I'd like to create. One possible problem is that this application will have to run as root (to access certain network ports). In a typical UNIX app, I'd just get the app to run with setuid, but I'm…
Kristopher Johnson
  • 81,409
  • 55
  • 245
  • 302
4
votes
2 answers

JNI + setuid Question

I have a web application that runs as a user www. However at one point it needs to read a file from a Linux filesystem on behalf of users Alice and Bob. One way of doing this would be to launch a shell (Runtime.exec()) and call a C setuid…
Paula
  • 41
  • 1
  • 2
4
votes
3 answers

Setting root-only permissions on /dev files and build binary

As part of a build process, I want to run the following two commands: sudo chmod a+r /dev/cpu/*/msr sudo setcap cap_sys_rawio=ep ./bench This sets the /dev/cpu/*/msr files exposed by the msr kernel module to world-readable, and sets additional…
BeeOnRope
  • 60,350
  • 16
  • 207
  • 386
4
votes
1 answer

Setuid binary to spawn root shell by overriding %n, does not work with exploit but works when exploit is unnecessary

I have a Setuid binary that has a printf format string vulnerability that is supposed to be exploited with "%n" to overwrite the value of the authenticated global variable. The execution of /bin/bash works with root Setuid permissions when…
ddaarrkkssttaar
  • 51
  • 5
4
votes
1 answer

seteuid/geteuid: Program always has root id

I'm currently trying to figure out how the SUID-bit and the corresponding functions seteuid and geteuid work. So I wrote this little program: #include #include #include #include int main(int argc, char…
Chris
  • 2,030
  • 1
  • 16
  • 22
4
votes
1 answer

How to successfully run Perl script with setuid() when used as cgi-bin?

I have a Perl script that is called either via Apache or on the command-line. For testing purposes, I pass it the username I want the Perl script to operate with, and use POSIX::setuid to set the uid. If I run the script from the command line, then…
Alex Reynolds
  • 95,983
  • 54
  • 240
  • 345
1 2
3
16 17