Stack Overflow
Stack Overflow

Questions tagged [setuid]

`setuid` is a file permission flag under Unix-like systems that will run an executable with the file owner's permissions rather than the invoking user's. On some systems (FreeBSD), it further works identically to the related `setgid` flag on directories, causing new files to inherit the directory's permissions rather than the current user's.

254 questions
2
votes
1 answer

A second getpwuid call appears to overwrite old value

Here's a small C program that prints (well, supposed to print) the real and effective IDs of a process when the file has the setuid flag set. In this program, when I call getpwuid a second time (L.No 38), it tends to overwrite the value of the…
pmn
  • 187
  • 1
  • 1
  • 10
2
votes
1 answer

setuid() C function changes euid value too?

This sample suid program #include #include #include #include void main() { int ret; printf("uid=%d, euid=%d\n", getuid(), geteuid()); ret = setuid(1000); printf("uid=%d, euid=%d\n", getuid(),…
Antonio Rizzo
  • 748
  • 1
  • 8
  • 17
2
votes
3 answers

wrong environment when using python subprocess as another user

I have this simple python script that run as root, but will execute subprocesses as some other user: #!/usr/bin/env python2 import subprocess import os def demote(user_uid): def result(): os.setuid(user_uid) return result cmd = "echo…
Dave Seff
  • 125
  • 2
  • 7
2
votes
2 answers

What's the proper way to drop to a lower privilege level with setuid?

I'm writing a program in C that binds to a port < 1024. I'd like it to run at non-root privileges thereafter. I know I need to call setuid(), but with what argument? UID's vary from system to system.
Derrick
  • 2,356
  • 5
  • 32
  • 43
2
votes
0 answers

setfsuid() - how to interpret result code?

The man page for setfsuid() says: On success, the previous value of fsuid is returned. On error, the current value of fsuid is returned. If I'm not wrong one could simply say "setfsuid() always returns the fsuid value that was set before calling…
Udo G
  • 12,572
  • 13
  • 56
  • 89
2
votes
1 answer

I cannot access a file belonging to a group after calling setgid and setuid in linux

Lets add a new group and user and add it into system group video $ sudo addgroup --system mydaemon $ sudo adduser --system --no-create-home --ingroup mydaemon mydaemon $ sudo adduser mydaemon video Create a file and change its owner to root and…
Honza
  • 1,734
  • 3
  • 16
  • 22
2
votes
0 answers

Using setuid() after fork()

I have a server which is handling requests of different users. After connecting to a client I fork a child process and use setuid() to switch to the client user. As it looks like it sets also the uid for the parent. How can I set the uid only for…
multiholle
  • 3,050
  • 8
  • 41
  • 60
1
vote
1 answer

Load MobileSubstrate in setuid iPhone app

I have a root app on my iPod touch (Installer4) and I want it to load MobileSubstrate so I can start making a tweak to fix its bugs. I know that root apps have an intermediate executable to be able to put 6755 permissions on it without the app to…
Philippe97
  • 380
  • 4
  • 9
1
vote
1 answer

Is there a way to run seteuid() (as a non-root user) and temporarily change the euid to another non-root user without root/sudo privileges?

I'm trying to write a C program which is supposed to open a file which can only be read/written to by (non-root) User A. When run by users who are neither root nor User A, the program should allow the user to open the file with the effective user…
strugglecity
  • 11
  • 2
1
vote
2 answers

Does anyone use BetterAuthorizationSample?

On OS X privileged operations are done through AuthorizationExecuteWithPrivileges() around which Apple published two recommendations: The old MoreAuth using setuid helper tools. The current BetterAuthorizationSample littering the system with launchd…
Tobias
  • 3,882
  • 2
  • 22
  • 25
1
vote
0 answers

Network sniffer that opens the ips as tabs in browser?

I'm trying to write a code that basically grabs the network traffic sniffed by wireshark and opens the ips in tabs in selenium. At first I tried using whois and socket.gethostbyaddr() as All I needed was to translate the ips to domains. But it…
Alex Montsarj
  • 11
  • 4
1
vote
1 answer

Can't enter mount namespace created by a setuid process

A root-owned setuid bit daemon switches back to the real user and creates a mount namespace. A user-owned executable with CAP_SYS_ADMIN and CAP_SYS_CHROOT bits set tries to enter that namespace and fails. daemon.c: #ifndef _GNU_SOURCE #define…
Velkan
  • 7,067
  • 6
  • 43
  • 87
1
vote
0 answers

NodeJS and dropping privileges temporarily

I am looking for a way to drop process privileges and get them back after doing some operations. Usually it is done using the setresuid system call, here is an example in Python, however it also works in C, Rust, Ruby & Go: #!/usr/bin/env python3 #…
Monkeyphant
  • 105
  • 1
  • 5
1
vote
0 answers

Unable to setuid() in shellcode before execve

I've got the following shellcode which I can convince a setuid binary to execute as the result of a buffer overflow: push 1009 ; #owner_userid pop rdi push 105 pop rax syscall ; #sys_setuid(1009) xor rsi, rsi push rsi mov rdi,…
pavja2
  • 397
  • 3
  • 9
  • 20
1
vote
1 answer

[Linux Difference between SUID and cap_setuid of binary]

"I dont understand difference between SUID of binary and cap_setuid in linux.Then, difference between SUID and setuid"
kaiharvez
  • 11
  • 1
1 2 3
16 17