LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
Reload this Page s bit on user
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 10-07-2006, 07:30 AM   #1
kshkid
Member
 
Registered: Dec 2005
Distribution: RHEL3, FC3
Posts: 383

Rep: Reputation: 30
s bit on user

hi all,

i have a binary for which it includes libraries from
from /usr/lib and some informix libraries which are obtained from the path $INFORMIXDIR/lib/esql

everything is fine, with respect to the binary and the dynamic dependencies include of the binary.

but when i set the s-bit for the binary on user and upon using ldd
only the libraries from default directory /usr/lib/ are listed and not from the INFORMIX library paths.

when tried querying from google got few points that
due to security reasons for a binary for which set bit is set on the user or group the dynamic dependencies will not be included.

if that is the case, then how can i overcome this...

any pointers on this greatly apprecited!!!

thanks in advance
 
Old 10-08-2006, 12:35 AM   #2
cjcox
Member
 
Registered: Jun 2004
Posts: 307

Rep: Reputation: 42
A good generic way is to call the program using sudo. You can configure the call to not require a password even. Install the sudo program.... then do visudo to create the rules (brings up vi editing the file /etc/sudoers).

Consider the following rule:

cjcox ALL=(wwwrun) NOPASSWD:/usr/bin/id

This says that the user cjcox is allowed to execute the command /usr/bin/id as the user wwwrun. I can invoke it like so (assume I'm logged in as cjcox):

$ sudo -u wwwrun /usr/bin/id
uid=30(wwwrun) gid=8(www) groups=8(www)

Of course, that may be too long of a command to type. So perhaps I will setup an alias via a script or bash shell alias...

$ alias wwwid="sudo -u wwwrun /usr/bin/id"
$ wwwid
uid=30(wwwrun) gid=8(www) groups=8(www)
 
Old 10-09-2006, 11:05 AM   #3
kshkid
Member
 
Registered: Dec 2005
Distribution: RHEL3, FC3
Posts: 383

Original Poster
Rep: Reputation: 30
thanks for the reply...

the actual issue is not with how to sudo to the required id and invoke the program..

the question on raise is..
what happens to the linked dependencies when s-bit on user or group is set for the binary...

only the libs from /usr/lib/ are displayed and not the external libs.. if that is the case how is it possible to include them with s-bit still set on the binary ?
 
Old 10-09-2006, 03:50 PM   #4
cjcox
Member
 
Registered: Jun 2004
Posts: 307

Rep: Reputation: 42
See man ld.so for an explanation of how LD_LIBRARY_PATH is NOT used for setuid programs. You can bind in the path to the dynamic libraries into the program.. or use the "sudo" style technique I described.

I was merely trying to provide a solution.... Sorry, I should have pointed to the information...
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Memory bus is 64 bit but data access and register is only 32 bit for i386 lilzz Linux - Newbie 3 09-02-2006 12:35 AM
32 bit or 64 bit install - is 32 bit easier for a newbie? dms05 Linux - Newbie 3 05-19-2006 03:05 PM
Tips for a new 64-bit user jawaking00 Linux - Software 4 12-21-2005 11:34 AM
Which version of 32 bit redhat will install on IBM xSeries 366 (64 bit)? Hello123 Linux - Hardware 2 09-14-2005 05:50 AM
Graphic Card that Supports displaying 8-bit and 24-bit images simultaneously yrraja Linux - Hardware 2 04-30-2003 06:41 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 01:32 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration