`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.
Questions tagged [setuid]
254 questions
3
votes
1 answer
How Linux Capabilities relate to zero/non-zero UID?
The capabilities manpage is rather long and I do not fully understand some things.
How would look, for example, a function that decides whether we have access to CAP_NET_RAW?
Input:
a = Effective uid is 0
b = There are some real/saved/whatever uid…
Vi.
- 37,014
- 18
- 93
- 148
3
votes
2 answers
stdbuf with setuid/capabilities
I am reading output from another process which generates output (slow and infinite). Because I want to read this data in real-time I use "stdbuf -oL" (line-buffered, data is text). I do not have control of the generating process so I cannot modify…
ext
- 2,593
- 4
- 32
- 45
2
votes
1 answer
setuid program owned by non-root user
I have a setuid program (getpwd) that runs as expected only when owned by root.
-rwsr-xr-x 1 root root 7981 2011-11-17 18:28 getpwd*
In other words when my program is executed on the command line by user "alice" all works fine
The program opens a…
user621092
- 51
- 1
- 6
2
votes
0 answers
How to prevent unextracable docker images because of insuffcient UID range?
I am build docker images for a node.js application in a Github Actions workflow and I publish them on Azure ACR.
When I try to pull the image from the ACR to my machine or the Azure App Service, on both environments, I receive errors like…
dfsg76
- 504
- 1
- 6
- 22
2
votes
1 answer
Why is /proc/self/fd/N forbidden after setuid?
Consider running the following Python code as root:
import os
f=os.open("/etc/shadow", os.O_RDONLY)
os.setuid(65535)
os.open(f"/proc/self/fd/{f}", os.O_RDONLY)
Here is a one-liner convenient for pasting:
python3 -c 'import os;…
Helmut Grohne
- 6,578
- 2
- 31
- 67
2
votes
2 answers
Can owner technically run setuid and not be able to execute program?
When a setuid program is run, are the permission bits for the owner technically rwx?
I was thinking that the first three permission bits were for the owner but thinking on it more if they were ---, this wouldn't make sense as a setUID program.
My…
jjkl
- 353
- 6
- 15
2
votes
2 answers
Can I use setuid or sticky to make a file created by PHP a certain user?
I'm using WordPress and I want files created by WordPress to have the user of the file that created them, not the user the web server is running as. For example, my WordPress files and directories are owned by philip in the group www-data. When…
Philip Walton
- 29,693
- 16
- 60
- 84
2
votes
1 answer
Can gdb debug suid root programs?
I did a program that call setuid(0) and execve("/bin/bash",NULL,NULL).
Then I did chown root:root a.out && chmod +s a.out
When I execute ./a.out I get a root shell. However when I do gdb a.out it starts the process as normal user, and launch a user…
jyz
- 6,011
- 3
- 29
- 37
2
votes
1 answer
How is bash able to kill children processes with CTRL+C
I wrote a simple program as follows -
int main(int argc, char* argv[]) {
setuid(0);
setgid(0);
printf("Current uid and euid are %d, %d\n", getuid(), geteuid());
while(1);
}
I compiled this as root and set the setuid bit using sudo…
Ajay Brahmakshatriya
- 8,993
- 3
- 26
- 49
2
votes
3 answers
setuid(0) and system fails
I have a program running in C. This needs to execute an "iptables" command using system.
I tried
setuid(0);
system("iptables .... ");
setuid and system do not coexist. from the system man page
Do not use system() from a program
with set-user-ID…
cateof
- 6,608
- 25
- 79
- 153
2
votes
1 answer
If a process started from a setuid binary forks, and the child drops privileges, can the child still be trusted?
Let's say the following program is executed from a setuid-root binary, by a non-root user:
int main()
{
if (fork()) {
/* Parent process */
int wstatus; wait(&wstatus);
if (WEXITSTATUS(wstatus) == 0) {
/* Child…
flarn2006
- 1,787
- 15
- 37
2
votes
3 answers
How do I preserve the setuid bit in tar archives with Perl's Archive::Tar?
I'm using Perl's Archive::Tar module. It preserves the file permissions but doesn't preserve the sticky bit. At the other end where I extract the archive, all the sticky bits are gone. I think UNIX/LINUX operating system stores these sticky bits…
Ram
- 3,034
- 11
- 38
- 46
2
votes
2 answers
SETUID at filesystem level
Suppose we are looking at the following scenario:
File saymyname.c (includes omitted)
int main(int argc, char** argv){
system("whoami");
}
Build and set permission bits:
cake@lie> gcc saymyname.c -o saymyname
cake@lie> sudo chown root:root…
nitowa
- 1,079
- 2
- 9
- 21
2
votes
1 answer
PHP scp file from remote server
How do I from a PHP script scp a file from a remote server ?
I have tried shell_exec("scp remote:file dir") but that does not work because user apaache does not have a shell associated on the remote server, and can therefore not do ssh.
I have…
Axel Bregnsbo
- 3,773
- 2
- 22
- 16
2
votes
1 answer
Does an executable have the same file privileges as the user who ran it?
In Unix, if I run a binary which mucks around with files, does the binary have the same file permissions as myself (the user who ran the binary)?
rampatowl
- 1,722
- 1
- 17
- 38