setuid program owned by non-root user
I have a setuid program (getpwd) that runs as expected only when owned by root.
i.e.
-rwsr-xr-x 1 root root 7981 2011-11-17 18:28 getpwd*

In other words, when my program is executed on the command line by user "alice", all works fine. The program opens a file in directory /home/secure and prints the contents to screen, e.g.

alice@devbox:/home/alice/tmp$ ./getpwd
setuid is working

However, when I change the ownership and set setuid of the file:

chown secure:users getpwd
chmod 4755 getpwd
-rwsr-xr-x 1 secure users 7981 2011-11-17 18:28 getpwd*

the program does not run when executed as user "alice", e.g.

alice@devbox:/home/alice/tmp$ ./getpwd
cannot open file /home/secure/test
...

Why is this happening?
ls -ld /home/ /home/secure/
drwx--x--x 2 secure users 280 Nov 18 11:16 /home/secure/
ls -ld /home/secure/*
-rw------- 1 secure users 33 Nov 15 14:35 /home/secure/test

This is correct as only user secure should be able to read the file.
That's because you changed the ownership after setuid is set!

Change the ownership of the file first, set what the owner can do then, and only then set the setuid. What I mean by the 2nd clause is: if the owner is supposed to execute the file, give it (x) permissions.

http://www.cyberciti.biz/faq/unix-bs...x-setuid-file/

If setuid bit turned on a file, user executing that executable file gets the permissions of the individual or group that owns the file.

**********************************
If I answered your question, say so
**********************************
Thanks, makes perfect sense.
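The order given in the answer above (ownership first, then the mode), followed by a check that the result matches the `-rwsr-xr-x` listing the question shows. This is an added shell example, not code from the thread; the function names are hypothetical and the owner and group are assumed to be passed as numeric ids.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical;
# uid and gid are passed as numbers so they can be compared with `ls -n`.

# check_setuid FILE UID
# Returns 0 only if FILE is a regular file whose mode shows "s" in the
# owner-execute position (setuid + x) and whose owner is UID.
check_setuid() {
    cs_file=$1
    cs_uid=$2
    [ -f "$cs_file" ] || { echo "$cs_file: not a regular file" >&2; return 1; }
    cs_mode=$(ls -ldn -- "$cs_file" | awk '{ print $1 }')
    case $cs_mode in
        ???s*) ;;                                   # e.g. -rwsr-xr-x
        ???S*) echo "$cs_file: setuid set but owner has no x ($cs_mode)" >&2
               return 3 ;;
        *)     echo "$cs_file: setuid bit not set ($cs_mode)" >&2
               return 2 ;;
    esac
    cs_owner=$(ls -ldn -- "$cs_file" | awk '{ print $3 }')
    if [ "$cs_owner" != "$cs_uid" ]; then
        echo "$cs_file: owned by uid $cs_owner, expected $cs_uid" >&2
        return 4
    fi
    return 0
}

# install_setuid FILE UID GID
# Ownership first, mode second: on Linux, chown on a regular file clears
# the setuid bit, so a chmod done before the chown does not survive.
install_setuid() {
    chown -- "$2:$3" "$1" || return 1
    chmod 4755 "$1" || return 1
    check_setuid "$1" "$2"
}

# Stand-alone use: sh script.sh FILE UID GID
if [ "$#" -eq 3 ]; then
    install_setuid "$1" "$2" "$3"
fi
```

The distinct return codes separate a missing bit (2), a setuid bit without owner execute shown as `S` (3), and an unexpected owner (4), which is useful when auditing setuid binaries after a deployment step.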