Find the answer to your Linux question:
Results 1 to 6 of 6
Hi! I am using the following code: Code: #include<stdio.h> int main&#40;&#41; &#123; system&#40;"./a.sh"&#41;; &#125; a.sh Code: #!/bin/bash touch hi Now I compile the c program gcc own.c -o own Chmod ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Feb 2004
    Location
    India
    Posts
    132

    setuid problem with a wrapper


    Hi!

    I am using the following code:

    Code:
    #include<stdio.h>
    int main&#40;&#41;
    &#123;
    system&#40;"./a.sh"&#41;;
    &#125;
    a.sh
    Code:
    #!/bin/bash
    touch hi
    Now I compile the c program
    gcc own.c -o own

    Chmod it
    chmod +s own

    ls -l
    -rwsr-sr-x 1 root root 4694 Nov 3 16:16 own
    -rwxr-xr-x 1 me me 21 Nov 3 15:16 a.sh

    when I run the binary "own"
    [root@anandspc a]# ./own

    I expect a file to be created with the owner root (Due to setuid bit) but the owner is NOT root, but the owner I run as.

    I have checked up the owner of the process own is ROOT but the shell script it invokes is not owned by root!

    Please help.
    OS is Linux fedora core 4

    Thanks!
    You are the one Linux!

  2. #2
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    Location
    St. Petersburg, FL
    Posts
    5,035
    You need to set the SUID bit on a.sh

  3. #3
    Linux Newbie
    Join Date
    Feb 2004
    Location
    India
    Posts
    132

    I tried that

    Hi!

    I tried that!!

    But still it wont get setuid'ed



    Is it a problem with bash??

    I have read that It does not work with Linux, but it works under sun and freeBSD. Is this true?

    Thanks!
    Anand.
    You are the one Linux!

  4. #4
    Banned CodeRoot's Avatar
    Join Date
    Sep 2005
    Posts
    567

    Re: I tried that

    I have read that It does not work with Linux, but it works under sun and freeBSD. Is this true?
    Where did you read this?

    (BTW, you do understand the security risks involved with doing this, right? -- especially using 'system(<script>)'...)

  5. #5
    Just Joined!
    Join Date
    Jan 2006
    Posts
    3

    Solaris behaves the same.

    Quote Originally Posted by anand
    Hi!

    I tried that!!

    But still it wont get setuid'ed



    Is it a problem with bash??

    I have read that It does not work with Linux, but it works under sun and freeBSD. Is this true?

    Thanks!
    Anand.
    I am having the same question!
    I tried your C program and bash script on our Sun UltraSparc station running
    Solaris 7, and on our linux machines running FC3 and RedHat 9. I got the same
    results as yours.

    Changguo

  6. #6
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    The program is acting exactly as it is supposed to. Your problem is with the fact that the SUID bit only augments the effective UID of the execing process, not the real UID. Files are created with the owner being the real UID (actually, under Linux it is the FS UID, but that is of minimal importance).

    What you need to do is make sure that the real UID is set to root as well, like this:
    Code:
    #include <stdlib.h>
    #include <unistd.h>
    
    int main(void)
    {
        setuid(0);
        system("./a.sh");
    }
    As ISOS pointed out, however, are you sure that you understand the security implications of running an external command by a relative path in a SUID root program?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •