Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I was trying to use the setuid bit on a file so that it runs as the root user. I then changed the permissions on the file to 700. However, when I try to run the file I get a permission denied error. I was wondering is there a way to set the setuid bit on Debian or has this been taken out?
...is there a way to set the setuid bit on Debian or has this been taken out?
Had to chuckle at that.
What is this program trying to do? Is it a script? Scripts may have issues with setuid, that's a fairly high risk security issue, but they can be made to work. If your executable is trying to write to a directory that only root has access to, I think that may cause problems.
Setuid is, surprisingly to me, one of the least documented features in Linux. For some time, I've been thinking about playing around with it to see if I could understand it well enough to write the definitive documentation. Haven't done it yet. Sorry.
Yeah I did that. What I read is that some distros disable the setuid bit from executing on scripts and some distros disable it all together. The script was nothing more that apt-get update;apt-get upgrade. The truth is I can just as easily put all users in the user group and add a rule to let all users in the sudo group run the command with sudo. I'm more curious if this still workes.
The script was nothing more that apt-get update;apt-get upgrade.
There is no question that those programs are going to write to directories for which only root has access. I recently needed to have some users write to a file in /etc/network/. I had to give them write access to that directory, as well as set suid on the script. Setuid seems to give permission only the execute the program, but does not carry root priviledges to actions invoked by the program.
As I said, I really want to sit down and study how it works ... one of these days.
SUID shell scripts are a serious security risk, and for this reason the kernel will not honor them. Regardless of how secure you think the shell script is, it can be exploited to give the cracker a root shell.
This seems to suggest that it won't work on any distro, since it's a kernel thing...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
