# # setuid
APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

setuid

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.



Some material is very old and may be incorrect today

© January 2004 Tony Lawrence
2004/01/29

You don't have to hang around Unix long to learn about "su" and setuid programs. The "setuid()" system call (and related calls like setgid) are what allows a process to switch back and forth between id's.

The kernel actually maintains three id's: the real user id, the effective user id, and the saved user-id. The saved user id is important and very useful in writing more secure programs.

Only a process that already has superuser power can change its real user id, and you often see setuid programs (the binary has had a chmod 4755 for example) owned by root so that the process has root capability when executed. But because of the saved user id, you don't necessarily have that effective id throughout: for security reasons, programs should switch you back to the saved id whenever having the more powerful id isn't necessary.

Take the example of a program that needs to open some database files, allow you to review and possibly change datam, and then write the files. Let's set the files for ownership by the "database" account:

# chown database:database datafile
# chmod 660 datafile
# chown database prog
# chmod 4755 prog
# ls -l prog datafile
-rw-rw----    1 root     database        0 Jan 19 08:13 datafile
-rwsr-xr-x    1 database tony        0 Jan 19 08:13 prog
 

When our "prog" is executed, its effective id will become "database", so it can read the file. When it is time to write the data back, it also needs the "database" effective id, but it doesn't need it in-between. So, ideally, the flow would go something like this:


The saved user id allows the program to shed its more powerful identity when it doesn't need it.


If you found something useful today, please consider a small donation.



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> setuid


Inexpensive and informative Apple related e-books:

Take Control of Numbers

iOS 10: A Take Control Crash Course

Are Your Bits Flipped?

Take Control of High Sierra

iOS 8: A Take Control Crash Course





More Articles by © Tony Lawrence




---September 21, 2004 Your example should use a different name for the gid. It is confusing to the novice as to what's going on when the gid and uid are the same.
Also chmod 2755 prog would result in rwxr-sr-x and not rwsr-xr-x.



---September 21, 2004

Correct. Will fix :-)

--TonyLawrence






Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





If you have any trouble sounding condescending, find a Unix user to show you how it's done. (Scott Adams)




Linux posts

Troubleshooting posts


This post tagged:

Security

Shell

UnixWords



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode