Questions tagged [setuid]

187 questions
256
votes
11 answers

Allow setuid on shell scripts

The setuid permission bit tells Linux to run a program with the effective user id of the owner instead of the executor: > cat setuid-test.c #include #include int main(int argc, char** argv) { printf("%d", geteuid()); …
Michael Mrozek
106
votes
2 answers

What does the 's' attribute in file permissions mean?

Please compare the following two lines: -rws---r-x 1 root root 21872 2009-10-13 21:06 prg1 -rwx---r-x 1 root root 21872 2009-10-13 21:06 prg2 Does the setuid bit on prg1, along with the read and execute bits for 'other' mean that any user can…
anders
48
votes
3 answers

Using the setuid bit properly

I have a process that needs root privileges when run by a normal user. Apparently I can use the "setuid bit" to accomplish this. What is the proper way of doing this on a POSIX system? Also, how can I do this with a script that uses an interpreter…
goldilocks
35
votes
6 answers

What is the safest way for programmatically writing to a file with root privileges?

A huge application needs, at one specific time, to perform a small number of writes to a file which requires root permissions. It is not really a file but a hardware interface which is exposed to Linux as a file. To avoid giving root privileges to…
vsz
31
votes
1 answer

Difference between owner/root and RUID/EUID

I am relatively new to the concepts mentioned in the question and reading about them from different sources only makes them more confusing. So this is what I understood so far: When we are given permissions for a file, they look like…
user1956190
28
votes
1 answer

Why does setuid not work?

I want to ensure that my program can only be run by user xyz using root privilege. To do this, I set the setuid bit with: chmod u+s program1.sh ls -l program1.sh rwsr-x--- 1 root house 1299 May 15 23:54 program1.sh Also, I added user xyz to the…
Marcus Thornton
26
votes
1 answer

What would be the best way to work around this glibc problem?

I administer a Gentoo Hardened box that uses file capabilities to eliminate most of the need for setuid-root binaries (e.g. /bin/ping has CAP_NET_RAW, etc). In fact, the only binary I have left is this one: abraxas ~ # find / -xdev -type f -perm…
Aaron Jones
21
votes
5 answers

How do I drop root privileges in shell scripts?

The "--up" option in OpenVPN is normally used for routing etc. And so it is processed before OpenVPN drops root privileges to run as nobody. However, I am invoking shell scripts that need to run as an unprivileged user. How do I do that? I have…
mirimir
18
votes
2 answers

How does ping work on Fedora without setuid and capabilities?

As far as I know, ping needs to create a raw socket (which needs either root access or cap_net_raw capabilities). From my understanding the trend these last years has been to remove setuid binaries and replace them with capabilities. However when I…
Antoine Catton
18
votes
2 answers

Can gdb debug suid root programs?

I wrote a program that calls setuid(0) and execve("/bin/bash",NULL,NULL). Then I did chown root:root a.out && chmod +s a.out When I execute ./a.out I get a root shell. However when I do gdb a.out it starts the process as normal user, and launches a…
jyz
16
votes
2 answers

Setuid bit seems to have no effect on bash

I was experimenting a bit and noticed something strange: setting the setuid bit on a copy of bash located at /usr/bin/bash-test seemed to have no effect. When I ran an instance of bash-test, my home directory was not set to /root and when I ran the…
user26112
16
votes
1 answer

root owned program with setuid bit on

Ping is a program owned by root with the user id bit set. $ ls -l `which ping` -rwsr-xr-x 1 root root 35752 Nov 4 2011 /bin/ping As I understand it, if a user runs the ping process, then the effective user id will change from the real user id…
sashang
16
votes
3 answers

What does GID mean?

What does GID actually mean? I have Googled it and this is what linux.about.com said: Group identification number for the process. Valid group numbers are given in /etc/group, and in the GID field of /etc/passwd file. When a process is started, its…
Kevdog777
15
votes
3 answers

How does the set-user-ID mechanism work in Unix?

Can someone please explain the set-user-ID mechanism in Unix? What was the rationale behind this design decision? How is it different from effective user id mechanism?
Geek
15
votes
1 answer

Why does ping need setuid permission?

I'm looking at a handful of files on my system with setuid permission on my system, by running: sudo find / -perm -4000 I noticed that /bin/ping shows up on the list. Can anyone explain why ping requires setuid permission?
Philip Kirkbride