  1. #1
    Just Joined!
    Join Date
    May 2013
    Posts
    3

    bash ignores setuid bit, but why? and proof?


    Hello! I was fooling around on my Ubuntu and wanted to learn about setuid bits, and I noticed that if I chmod bash with u+s as root, I can't run it as privileged if I'm not root. I did some googling to find out that it's additional security that's added on bash. Why? If I do the same with zsh, it works as expected. Is there a setuid call that's called anywhere when bash/zsh is started where it ignores/sets the euid?
    Thanks!

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,380
    Good questions. Have no clue. Is it bash that ignores the bit, or the scripts? Also, this is incredibly dangerous! If allowed, it would give ANYONE who has system access full root privileges, so I would say that the bash writers have done the correct thing. Some tools need root privileges, such as changing your password which has to update /etc/passwd and /etc/shadow, both of which are root-restricted for updates.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Linux Enthusiast
    Join Date
    Jan 2005
    Location
    Saint Paul, MN
    Posts
    620
    Scripts can not make use of the SID sticky bit.


    Please see: Setuid and shell scripts, explained

    Actually you need to be able to call a library call to switch to the user in the program that is making use of the owner sticky bit.

  4. #4
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,380
    Originally posted by alf55:
    Scripts can not make use of the SID sticky bit.


    Please see: Setuid and shell scripts, explained

    Actually you need to be able to call a library call to switch to the user in the program that is making use of the owner sticky bit.
    You can run it as root if you use the "su" or "sudo" command to do it, though you will either need the password for the root account (for "su") or have appropriate privileges set in /etc/sudoers (for "sudo").
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!
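
On the question in post #1: bash compares the real and effective IDs at startup and, unless it was started with the -p option, resets the effective IDs to the real ones. The C program below is an added example of that kind of startup check, not bash's source and not code from any poster in this thread; the function names running_setid and drop_to_real_ids are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* declares setreuid()/setregid() on glibc */
#endif
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if the process was started from a setuid or setgid binary,
 * i.e. an effective ID differs from the corresponding real ID. */
int running_setid(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Reset effective and saved IDs to the real ones.
 * Returns 0 on success, -1 if the drop failed or could be undone. */
int drop_to_real_ids(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the user ID is dropped the process may no
     * longer be allowed to change its group IDs. */
    if (setregid(rgid, rgid) != 0) return -1;
    /* On Linux, setting the real UID here also overwrites the saved UID. */
    if (setreuid(ruid, ruid) != 0) return -1;

    /* Verify the drop is permanent: regaining the old effective IDs
     * must fail. Skipped when the real user is root, who can always
     * change IDs. */
    if (ruid != 0 && old_egid != rgid && setegid(old_egid) == 0) return -1;
    if (ruid != 0 && old_euid != ruid && seteuid(old_euid) == 0) return -1;

    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(void)
{
    printf("before: ruid=%ld euid=%ld setid=%d\n",
           (long)getuid(), (long)geteuid(), running_setid());
    if (running_setid() && drop_to_real_ids() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("after:  ruid=%ld euid=%ld setid=%d\n",
           (long)getuid(), (long)geteuid(), running_setid());
    return 0;
}
```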
