LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software > Linux - Kernel
User Name
Password
Linux - Kernel This forum is for all discussion relating to the Linux kernel.

Notices

Reply
 
Search this Thread
Old 02-20-2013, 09:02 AM   #1
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Rep: Reputation: 0
How to get root privileges from process


It's possible to get root privileges by simple code like this:

Code:
char *name[2];
name[0] = "/bin/bash";
name[1] = "-p";
name[2] = 0x0;

execve(name[0], name, 0x0);
but this solution requires to set sticky bit chown root:root; chmod u+s.

The question is how to get root privileges only by providing user name and password (by process and to this process, - so process asking user for login information and use this permission to execution).

Solution shall work on all of the modern Linux environments since RHEL 4.
 
Old 02-20-2013, 09:09 AM   #2
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 285Reputation: 285Reputation: 285
Root privileges to run/execute what?

Quote:
but this solution requires to set sticky bit chown root:root; chmod u+s.
This is not sticky bit. But this is changing owner/group to root:root and then applying SUID. Sticky bit can be set as:-
Code:
~$ chmod a+t filename
But once let's know what is your purpose of doing this, and where you want to apply these changes?
 
Old 02-20-2013, 09:29 AM   #3
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,377

Rep: Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108Reputation: 1108
It's easier to just set the command-prompt to "#" from "$".

Believe me, kid, if it really were this easy, legions of bored MIT students would have done it long before you were born.
 
Old 02-20-2013, 09:53 AM   #4
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by shivaa View Post
Root privileges to run/execute what?



This is not sticky bit. But this is changing owner/group to root:root and then applying SUID. Sticky bit can be set as:-
Code:
~$ chmod a+t filename
But once let's know what is your purpose of doing this, and where you want to apply these changes?
I am working on GUI program that should ask user for in which mode this program should be executed, under non-root account (under is user account) or under privileged account (under root). So, I just have a dialog with that options, and if users clicked to continue execution under root account, program asks user for login information.

I know some tricks with IOCTL, but I think it's not good idea to going around su command. In addition, this program should be transferred without installation and I can't ask user to set file system permissions before launch.
 
Old 02-20-2013, 09:55 AM   #5
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by sundialsvcs View Post
It's easier to just set the command-prompt to "#" from "$".

Believe me, kid, if it really were this easy, legions of bored MIT students would have done it long before you were born.
Thank you for your opinion, but if there is no easiest ways are exists, can you suggest a hard one? This feature is really necessary for my app, and I have to find a solution.
 
Old 02-20-2013, 10:18 AM   #6
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,797
Blog Entries: 4

Rep: Reputation: 285Reputation: 285Reputation: 285
Quote:
Originally Posted by syscreat View Post
I know some tricks with IOCTL, but I think it's not good idea to going around su command. In addition, this program should be transferred without installation and I can't ask user to set file system permissions before launch.
Once share the screenshot of the error dialogue box. And let's know what is your application.

However, if you've to set sticky bit, you can use above said method. It's actually used to run an executable with file owner's privileges and in your case it's root. So when you will invoke the excutable file (i.e. your application), you will automatically invoke it with root privilages.

So once also share output of following:-
Code:
~$ ls -la <filename>
 
Old 02-20-2013, 10:29 AM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860
On RHEL there is a preferred method for doing that which involves using consolehelper. I suggest you use that instead of re-inventing the wheel yourself or introducing setuid root binaries completely unnecessarily.
 
Old 02-20-2013, 11:12 AM   #8
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by shivaa View Post
Once share the screenshot of the error dialogue box. And let's know what is your application.

However, if you've to set sticky bit, you can use above said method. It's actually used to run an executable with file owner's privileges and in your case it's root. So when you will invoke the excutable file (i.e. your application), you will automatically invoke it with root privilages.

So once also share output of following:-
Code:
~$ ls -la <filename>
I am workin on application installer that should ask user in which privileges installer should install an apps, for current user, or for all users. So, I can ask user about setting file system permission.

Error box? I don't have any error messages, and ls will show you usual permissions.
 
Old 02-20-2013, 11:14 AM   #9
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by unSpawn View Post
On RHEL there is a preferred method for doing that which involves using consolehelper. I suggest you use that instead of re-inventing the wheel yourself or introducing setuid root binaries completely unnecessarily.
Thank you unSpawn, unfortunately for this solution, app should work on any modern Linux distributions, not only RHEL.
 
Old 02-20-2013, 11:38 AM   #10
mina86
Member
 
Registered: Aug 2008
Distribution: Slackware
Posts: 375

Rep: Reputation: 150Reputation: 150
Quote:
Originally Posted by syscreat View Post
I am working on GUI program that should ask user for in which mode this program should be executed, under non-root account (under is user account) or under privileged account (under root). So, I just have a dialog with that options, and if users clicked to continue execution under root account, program asks user for login information.
You want to use kdesudo, gksu or something similar.
 
Old 02-20-2013, 11:52 AM   #11
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860
AFAIK Gnomesu, gksudo, gksu, kdesu, kdesudo are tied to the installed choice of Desktop Environments. consolehelper OTOH is tied to PAM so most current, maintained distro releases should have it.
 
Old 02-20-2013, 12:53 PM   #12
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by unSpawn View Post
AFAIK Gnomesu, gksudo, gksu, kdesu, kdesudo are tied to the installed choice of Desktop Environments. consolehelper OTOH is tied to PAM so most current, maintained distro releases should have it.
Sure, but am I looking for how to do this by system calls. And from your suggestion, PAM is available since RHEL 5, for me RHEL 4 support is also required.
 
Old 02-20-2013, 01:12 PM   #13
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by mina86 View Post
You want to use kdesudo, gksu or something similar.
I agree, this solution will work on most of the system now, but what happened one day, when new desktop environment will be released and user will try to this this app? No *su* will be found, and application functionality will be missed. It's not a right way to solve this puzzle. It's also affects user who will try to start an app in very unusual DE.
 
Old 02-20-2013, 03:39 PM   #14
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860
Quote:
Originally Posted by syscreat View Post
PAM is available since RHEL 5, for me RHEL 4 support is also required.
Previous millennium. Old school. PAM was already incorporated way back when Fedora's predecessor still went by the name of "Red Hat Linux".
 
Old 02-21-2013, 03:47 AM   #15
syscreat
LQ Newbie
 
Registered: Dec 2009
Posts: 12

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by unSpawn View Post
Previous millennium. Old school. PAM was already incorporated way back when Fedora's predecessor still went by the name of "Red Hat Linux".
Ok, only one way to use PAM what I found (http://vkrejcirik.info/2012/06/09/au...-pam-in-linux/) is to change group permissions. But, I need a way where I do not need to change anything on a user machine, just ask for user name and password and do my job.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
different root privileges? yaximik Linux - Newbie 1 11-02-2012 08:52 PM
trimmed root privileges camielcastillo Linux - Security 5 11-16-2010 07:47 AM
Running a process with limited root privileges geek.ksa Linux - Security 6 02-19-2009 04:35 PM
Ssh root privileges gabsik Linux - Security 1 05-28-2008 10:19 PM
How to mount without root privileges? ni0wn Slackware 3 09-15-2004 05:03 PM


All times are GMT -5. The time now is 05:32 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration