Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-25-2013 #1
- Join Date
- Jun 2013
Setuid not working in linux as script fails to write to file.
I have the following 3 test files to test setuid bit which if it works I would like to implement in our application. However setuid doesnot seem to be having any impact on my test below.Following are the 3 files of interest in /tmp/ folder.
[usl20010097 tmp]$ ls -ltr *env*
-rw------- 1 g332008 users 6 Jun 25 17:31 mainoutputfile.txt
-rwxr-x--x 1 cddsuat cddsuat 38 Jun 25 17:51 subscript.ksh
-rwsr-xr-x 1 g332008 users 51 Jun 25 17:53 mainscript.ksh
As you can see /tmp/subscript.ksh
is owned by user cddsuat. It invokes /tmp/mainscript.ksh
and has the following contents:
-bash-3.2$ cat subscript.ksh
/tmp/mainscript.ksh has the following contents:
[usl20010097 tmp]$ cat mainscript.ksh
echo "hello" >> /tmp/mainoutputfile.txt
Based on the above, setuid bit has been set for owner on /tmp/mainscript.ksh. This means that when /tmp/subscript.ksh invokes /tmp/mainscript.ksh, /tmp/mainscript.ksh runs as the owner of /tmp/mainscript.ksh which is g332008 rather than user cddsuat. So /tmp/mainscript.ksh should be able to write "hello" to the file /tmp/mainoutputfile.txt which is owned by g332008. However when I run /tmp/subscript.ksh I get the following error with respect to write permission on /tmp/mainoutputfile.txt.
/tmp/mainscript.ksh: /tmp/mainoutputfile.txt: cannot create [Permission denied]
Please advise why do I get the above permission error even though /tmp/mainscript.ksh has setuid bit set so that any other user invoking this script would be able to run this script as the owner of /tmp/mainscript.ksh. Your advise is much appreciated.
- 06-26-2013 #2
- Join Date
- Jan 2005
- Saint Paul, MN
Last edited by alf55; 06-26-2013 at 05:50 AM. Reason: Added link to an article
- 06-26-2013 #3