Find the answer to your Linux question:
Results 1 to 5 of 5
I was just curious to know: if I run a program which runs suid as root, and it crashes, what are my access rights at that point? Am I still ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,168

    A simple question about suid


    I was just curious to know: if I run a program which runs suid as root, and it crashes, what are my access rights at that point? Am I still root or do I go back to being myself as soon as the program is no longer running?
    "I'm just a little old lady; don't try to dazzle me with jargon!"

  2. #2
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Depends on how to crashes. But the App has the rights and the user not. So normally, no you won't be root.
    New Users, please read this..
    Google first, then ask..

  3. #3
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
    Posts
    11,175
    However, since the program is running as root, if it spawns a new shell, I think that will run as root also. For example, it could spawn an xterm as a nohup'd background process with its output on a remote system, giving someone root access to your system. Then, if the program crashes or is killed, the spawned xterm/shell will continue to run. The lesson here is that one should be VERY careful what is tagged suid-root.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  4. #4
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,168
    That's also a good reason not to give people sudo access to programs like vi that can spawn shells. But I had something a bit different in mind.

    You read a lot about exploits in which crackers crash a server program by overloading its input buffers. I just wondered how this worked and whether crashing a program that is running with root permissions can in itself give you root access.

    PS I hope it's not against forum rules to tell me !
    "I'm just a little old lady; don't try to dazzle me with jargon!"

  5. #5
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
    Posts
    11,175
    Quote Originally Posted by hazel View Post
    That's also a good reason not to give people sudo access to programs like vi that can spawn shells. But I had something a bit different in mind.

    You read a lot about exploits in which crackers crash a server program by overloading its input buffers. I just wondered how this worked and whether crashing a program that is running with root permissions can in itself give you root access.

    PS I hope it's not against forum rules to tell me !
    Not against the rules to discuss theory. I just don't think it would be good practice to provide functional code. Anyway, a lot of Linux and Unix services have to run as root, even such tools as 'passwd', which is suid-enabled because it has to update such files as /etc/shadow. So, daemons such as sshd, xinetd, ftpd CAN be vulnerable to remote buffer overflow attacks and grant the attacker root privileges. However, once logged in as a normal user, buffer overflow errors in non-suid programs [/I]generally[/I] cannot elevate your privileges.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •