Hii all,

Need help regarding SUID

I have this example of passwd command where SUID is set so it can be used by a user with the privileges of root and also the command ping.


First the passwd command when I removed the SUID bit from the permission of /usr/bin/passwd I get to use the command as I used it previously

Second the ping command when I removed the SUID bit from the permissions of /bin/ping I get the following error when i use ping from a user command prompt
ping 127.0.0.1
error::

ping: icmp open socket: Operation not permitted
NOTE : I changed the permissions from 4755 to 755
so my doubt is why is it behaving differently for same type of permissions change SUID what exactly is it doing and how can people use it in real time for their applications and directories protection.

That isn't quite true; you can run the passwd command from a user account, but you won't be able to change the password because it won't have the privileges to write to the password file.

That is because only root can open a raw socket.

It isn't behaving differently. It is just that these setuid programs require privileges for different reasons, and so will fail under different circumstances.

It isn't intended to protect the application. The setuid bit means that an executable will be run as if it were being executed by the user who owns the file (or group in the case of setgid. The typical use is actually to increase the privileges of the application.

The setgid bit has a different use when applied to directories; it causes files/directories created inside it to inherit the group id of the parent. This can be useful for allowing a group of people to have access to shared files.

You need to understand the meanings of these bits before making use of them (particularly on executables), because they can easily create security holes in a shared system.

Thnq for the explaination .now i Understand that usage of SUID explains everything.So I'll be on that. T

THNX FR UR HELP neonsignal