How to set the setuid bit in a program of a non-root user?

Posted by 天大地大妈咪最大 on 2020-01-03 04:55:31

Question


I am trying to make a python script executable with the setuid bit set. The program, belonging to user 'bgmc', must create some files in the directory '/home/bgmc', but is called by another user, 'client'. Indeed, I don't want user 'client' to change the files created by the program. I used a C wrapper to call the program (see setuid on shell scripts):

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

int main()
{
    /* Only succeeds when the effective uid is already root (binary owned by
     * root with the setuid bit); the return value is not checked here. */
    setuid(0);
    /* Runs the script through /bin/sh -c with the caller's environment. */
    system("/home/bgmc/myprogram.sh");
    return 0;
}

I set the setuid bit on the program. When the compiled C program belongs to root, the program runs well and creates the expected file. The properties of the compiled program are then:

8 -rws--x--x 1 root root 4657 Mar  2 16:25 myprogram

However, when I change the user-group of myprogram to bgmc:bgmc, the program cannot create the file anymore: "Permission denied". I tried to change the line:

setuid(0);

with:

setuid(1002);

since 1002 is the user id of 'bgmc' (I used command "id -u bgmc" for this) but this didn't help.

I would rather not give root access to the program. Is there a way to avoid this?


Answer 1:


Not sure about this since your question is very sparse on information, but did you forget to reset the permissions on the file after changing the owner? On most systems, any change of ownership automatically removes the setuid bit and you have to re-add it yourself if you want it.

Also note that setuid shell scripts are a major vulnerability; this is why the kernel does not allow you to make a shell script setuid directly. At the very least you should:

  1. Use execve rather than system to call it, and
  2. Clear out everything from the environment (or pass a new empty environment to execve).

As it is now, anyone who can run the program can make it do whatever they like by controlling environment variables.
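The following wrapper is an added example, not the answerer's or the asker's code. It applies the answer's two points (execve instead of system, and a fixed environment instead of the inherited one) to the setup in the question: the binary is owned by bgmc (uid 1002, from the question) with only the setuid bit set, and it runs /home/bgmc/myprogram.sh. It also makes the real and effective uid equal, because a setuid binary starts with the caller's real uid and the owner's effective uid, and interpreters such as bash drop the effective uid back to the real one when the two differ. The contents of CLEAN_ENV, the ownership check on the script, and the function names are assumptions for the example.

```c
/* Hardened setuid wrapper (added example, not the asker's code).
 * Build:   cc -O2 -o myprogram wrapper.c
 * Install: chown bgmc:bgmc myprogram && chmod 4711 myprogram
 * (re-apply the mode after chown: changing the owner clears the setuid bit). */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* uid of 'bgmc' as given in the question. */
#define TARGET_UID ((uid_t)1002)

/* Absolute path from the question; never taken from argv or PATH. */
#define TARGET_PATH "/home/bgmc/myprogram.sh"

/* Fixed environment handed to the script; nothing from the caller survives.
 * The entries are an assumption: add only what the script really needs. */
static char *const CLEAN_ENV[] = {
    "PATH=/usr/bin:/bin",
    "IFS= \t\n",
    NULL
};

/* Make real AND effective uid equal to target, then verify the kernel
 * actually applied both. Returns 0 on success, -1 otherwise. */
int drop_to(uid_t target)
{
    if (setreuid(target, target) != 0)
        return -1;
    if (getuid() != target || geteuid() != target) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* The script must be a regular file owned by the target uid and writable by
 * nobody else; otherwise the caller could rewrite what runs as 'bgmc'.
 * Returns 1 if safe, 0 otherwise. */
int script_is_safe(const char *path, uid_t owner)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return 0;
    if (!S_ISREG(st.st_mode))
        return 0;
    if (st.st_uid != owner)
        return 0;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return 0;
    return 1;
}

int main(void)
{
    if (drop_to(TARGET_UID) != 0) {
        fprintf(stderr, "wrapper: cannot become uid %u: %s\n",
                (unsigned)TARGET_UID, strerror(errno));
        return 1;
    }
    if (!script_is_safe(TARGET_PATH, TARGET_UID)) {
        fprintf(stderr, "wrapper: refusing to run %s (ownership/permissions)\n",
                TARGET_PATH);
        return 1;
    }
    /* Fixed argv; the kernel resolves the script's #! line itself.
     * No shell -c, no PATH lookup, no inherited environment. */
    char *const argv[] = { TARGET_PATH, NULL };
    execve(TARGET_PATH, argv, CLEAN_ENV);
    /* Only reached if execve failed. */
    fprintf(stderr, "wrapper: execve %s: %s\n", TARGET_PATH, strerror(errno));
    return 1;
}
```

Because the binary in the question is setuid but not setgid, the script still runs with the caller's group; if the created files must be bgmc:bgmc, set the setgid bit as well (chmod 6711) and mirror drop_to with setregid. Checking the return value of the privilege change is the important part: the original wrapper's setuid(0) silently fails once the file is owned by bgmc, which is exactly the "Permission denied" the question describes.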



Source: https://stackoverflow.com/questions/9536846/how-to-set-the-setuid-bit-in-a-program-of-a-non-root-user
