  1. #1
    Just Joined!
    Join Date
    Aug 2005
    Posts
    3

    privilege: FSUID's privilege decides rwx on files, not EUID's decision!?


    Normal rule:
    EUID: used for privilege checks (except for the filesystem).
    ex: file's read/write/execute
    FSUID: used for filesystem access checks.
    ex: Filesystem Object Attributes (rwx setuid setgid user group...).

    Now, suppose a user called kennedy (500) executes a program, and
    its file has its setuid (root) bit set.

    RUID=500, EUID=SUID=FSUID=0.

    Situation 1:
    I change FSUID's value to 500; the program
    can't use the function execl() to execute another file.

    RUID=500, EUID=SUID=0, FSUID=0.

    Situation 2:
    I change EUID's value to 500; the program can use
    the function execl() to execute any file.

    RUID=500=EUID, SUID=0, FSUID=0.

    Summary:
    Why is the privilege check done by FSUID and not by EUID?

    I tested many times to find out the problem with EUID/FSUID.

    What's wrong with the EUID? It confuses me!!

    Please tell me the reason. -.-

  2. #2
    Just Joined!
    Join Date
    Aug 2005
    Posts
    3
    Situation 1 sample code:

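    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <sys/fsuid.h>

    int main(void)
    {
        /* Set FSUID to the real UID; EUID and SUID keep the setuid-root value. */
        setfsuid(getuid());

        pid_t pid = fork();
        if (pid == -1) {
            perror("fork");
            return 1;
        }
        if (pid == 0) {
            /* execl() returns only on failure. */
            if (execl("/root/3", "3", (char *)0) == -1)
                printf("failed\n");
        }
        /* Parent, and a child whose execl() failed, stay alive so ps can show them. */
        while (1)
            pause();
    }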

    [root@localhost root]# ps -o ruid -o euid -o suid -o fsuid -o fname -a
    RUID EUID SUID FSUID COMMAND
    0 0 0 0 su
    500 500 500 500 bash
    500 0 0 500 1
    500 0 0 500 1
    0 0 0 0 ps


    ----------------------------------------------------------

    Situation 2 sample code:

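    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <sys/fsuid.h>

    int main(void)
    {
        /* Remember the EUID granted by the setuid bit before dropping it. */
        uid_t suid = geteuid();

        /* Set EUID to the real UID, then set FSUID back to the remembered value. */
        if (seteuid(getuid()) == -1) {
            perror("seteuid");
            return 1;
        }
        setfsuid(suid);

        pid_t pid = fork();
        if (pid == -1) {
            perror("fork");
            return 1;
        }
        if (pid == 0) {
            /* execl() returns only on failure. */
            if (execl("/root/3", "3", (char *)0) == -1)
                printf("failed\n");
        }
        /* Parent, and a child whose execl() failed, stay alive so ps can show them. */
        while (1)
            pause();
    }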

    [root@localhost root]# ps -o ruid -o euid -o suid -o fsuid -o fname -a
    RUID EUID SUID FSUID COMMAND
    0 0 0 0 su
    500 500 500 500 bash
    500 500 0 0 1
    500 500 500 500 3
    0 0 0 0 ps

    ---s--s--x 1 root root 12289 8月 19 07:41 1
    ---x--x--- 1 root sys 11636 8月 18 11:08 3

    1's group is root, 3's group is sys, so compared with owner (user).
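
Added example, not part of the original posts: on Linux, file permission checks select exactly one class (owner, group or other) using the filesystem UID, and seteuid() also moves the FSUID unless setfsuid() is called afterwards. The sketch below reads the four UIDs that the ps listings show and models the class selection for file `3`; the gid values (3 for `sys`, 500 for the caller) are assumed, and capabilities, supplementary groups, ACLs and directory search permission are not modelled.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Fill out[] with real, effective, saved and filesystem UID of this process,
 * taken from the "Uid:" line of /proc/self/status. Returns 0 on success. */
int read_uids(unsigned out[4])
{
    char line[256];
    int rc = -1;
    FILE *f = fopen("/proc/self/status", "r");

    if (!f)
        return -1;
    while (rc != 0 && fgets(line, sizeof line, f))
        if (sscanf(line, "Uid: %u %u %u %u",
                   &out[0], &out[1], &out[2], &out[3]) == 4)
            rc = 0;
    fclose(f);
    return rc;
}

/* Simplified model of the execute-permission check: exactly one class
 * (owner, group or other) is consulted, chosen by fsuid/fsgid, never euid.
 * Not modelled: capabilities, supplementary groups, ACLs, directory search. */
int may_exec(mode_t mode, uid_t owner, gid_t group, uid_t fsuid, gid_t fsgid)
{
    if (fsuid == owner)
        return (mode & S_IXUSR) != 0;
    if (fsgid == group)
        return (mode & S_IXGRP) != 0;
    return (mode & S_IXOTH) != 0;
}

int main(void)
{
    unsigned u[4];
    /* File "3" from the listing: ---x--x--- root sys.
     * gid 3 for sys and gid 500 for the caller are assumed values. */
    mode_t mode3 = S_IXUSR | S_IXGRP;

    if (read_uids(u) == 0)
        printf("ruid=%u euid=%u suid=%u fsuid=%u\n", u[0], u[1], u[2], u[3]);
    printf("fsuid=500: may_exec=%d\n", may_exec(mode3, 0, 3, 500, 500));
    printf("fsuid=0:   may_exec=%d\n", may_exec(mode3, 0, 3, 0, 500));
    return 0;
}
```

Calling `read_uids()` before and after a credential change in a setuid program is a quick way to confirm which of the four IDs actually moved.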
