Stack Overflow
Stack Overflow

Questions tagged [setuid]

`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.

254 questions
4
votes
2 answers

Open a file as root, but drop privileges before reading from it?

TL;DR I am writing a C program. I need to have root privileges to fopen a sysfs file, and I still need root privileges in order to read from it. However, since my program will need to continuously read the sysfs file, this implies that it will need…
Marco Merlini
  • 875
  • 7
  • 29
4
votes
2 answers

Can I run a C program containing setuid() without sudo?

I am trying to execute a C program from multiple users and trying to login as other user within the program to access a file. But I am getting error setuid: Operation not permitted Can I do something such I needn't to use sudo every time? Like,…
tarun14110
  • 940
  • 5
  • 26
  • 57
4
votes
1 answer

Dropping process rights under windows

I'm looking for a method to drop process rights for security reasons. I want to start as user with privileges and end as limited user. For example I want my web server to run under restricted user by I still want to listen on port 80. How can I do…
Artyom
  • 31,019
  • 21
  • 127
  • 215
4
votes
2 answers

setting up the environment when changing to another user

I have a bash backup script run as root (cron) that delegates certain tasks to other specific bash scripts owned by different users. (simplified example, principle is, some things have to be done as root, different tasks are delegated to users with…
Joram
  • 3,166
  • 1
  • 22
  • 29
4
votes
1 answer

Is the PAM stack always run as root?

I'm writing a module for Linux PAM, which uses setuid() to drop privileges to the user being authenticated. Of course, this will only work if the EUID is root. So, is the PAM stack always run as root, regardless of the application using it?
Robin McCorkell
  • 744
  • 6
  • 22
4
votes
1 answer

Debugging a setuid program / "Permission denied" with setuid

This is actually a three-part question, which I'll explain below, but the questions are: Using gdb, how can I run part of a program with root authority, and the rest with normal? Why would I get "permission denied" using mkstemp to create a file in…
Dennis
  • 1,071
  • 2
  • 17
  • 38
3
votes
1 answer

files owner:group doesn't change at location /proc// after setuid()?

I had the requirement of spawning a process as a root, then dropping its privileges to non-root user, so to implement this i used setbit for the binary and changes the owner to root. then i spawned the process as a non-root user and initially it…
Abhishek Chandel
  • 1,294
  • 2
  • 13
  • 19
3
votes
2 answers

How can I get the user's locale when running as root?

I am running as root, but have the user's uid (e.g. 504). How can I work out the user's locale (in my case en_GB)? The following does not work: setuid(user_uid); fprintf(stderr, …
fredley
  • 32,953
  • 42
  • 145
  • 236
3
votes
1 answer

Using setuid inside a docker container

I have a container which needs to do some initialisation on startup that can only be done as root, but following good practice I don't want the container running as root. I figured I should be able to create a script inside the container, owned by…
Brian
  • 31
  • 2
3
votes
4 answers

Does any Unix-like system ascribe meaning to the SUID bit on a directory?

As the title says, does any Unix-like system ascribe a meaning to the SUID bit on a directory, and if so, what does it mean? The SVTX (saved text, or sticky) bit has a meaning - thou shalt not delete a file from this directory unless you can write…
Jonathan Leffler
  • 730,956
  • 141
  • 904
  • 1,278
3
votes
1 answer

How to switch user in Docker container with User Namespaces

I am running dockerd 19.03.1, build 74b1e89 with user namespaces enabled on a dedicated ID range cat > /etc/sub{uid,gid} dockeruser:120000:10000 I need to switch in a container from root to a dedicated user, which I create as ARG USERID=26551 ENV…
THX
  • 553
  • 2
  • 8
  • 18
3
votes
0 answers

Running process 'as root' with setuid bit not working as expected - operation not permitted?

I have a program that captures network traffic off a network interface. (It's a C program sitting on libpcap.) I'm running Fedora 26. When I run the program as root, things look great: [craig ~]$ sudo su - [root ~]$ /home/craig/mybinary (output is…
Craig Otis
  • 31,257
  • 32
  • 136
  • 234
3
votes
3 answers

Setuid with GTK+

I'm trying to write a program and integrate it with gui built with Gtk+. The exe that is to be called by the gui however has the setuid bit set. However gtk does not allow this exe to run as specified by the gtk community. They however say that we…
linuxnewbie
  • 89
  • 7
3
votes
1 answer

Detect death of parent process from `setuid` process

I write C application that calls fork() to create child processes. The application runs as root. In the parent process, I use wait() for waiting terminated child processes. In child processes, I use prctl() with PR_SET_PDEATHSIG option to detect the…
QuangNHb
  • 304
  • 2
  • 9
3
votes
1 answer

Can cpan's use of the .local directory be redirected?

I have a setuid program which then calls cpan as root on behalf of the user. This works for commands like yum, but fails for cpan. My problem is that the users' home directories are NFS mounted shares, and use the root-squash option, so root has no…
Robert Nix
  • 69
  • 1
  • 7
1 2 3
16 17