Re: [SLUG] Please explain/advise

From: Eben King (eben1@tampabay.rr.com)
Date: Mon Feb 07 2005 - 10:50:30 EST


On Mon, 7 Feb 2005, Bob Stia wrote:

> Please explain how suid works.

There are three more bits ("ugo" [user, group, other], sometimes omitted and
set to 0) besides rwxrwxrwx and before them. SUID (Set User ID) refers to
u; SGID ( ... Group ... ) refers to g. The "sticky bit" is o.

If it's SUID, then the program is run with the permissions of the user who
owns it. If it's SGID, then it gets the permissions of the group that owns
it. "Save text" comes to mind for when o is 1, but I don't know what that
means.

If the sticky bit is set on a directory, then only the owner of a file in
that directory can delete it. Modification depends on the file's
permissions, so if /tmp is 1777, and /tmp/foo is 666 bob.users, then any
member of the "users" group can "cat /dev/null > /tmp/foo". Doesn't delete
it, I suppose...

If someone exploits a bug in a SUID program, the attacker can run
arbitrary programs as that user. If "that user" is root, Bad Things
can happen. Likewise for SGID/any_group.

> When set, is the program actually invoked by the user or is it really
> still root?

The user who owns the file. This does not work for scripts.

> As per a suggestion here a while ago, I want to run ntpdate automatically
> when my dial up connection is established. Now, ntpdate is root
> owned and cannot be called by me in the ip-up script.

Ownership doesn't matter. Lots of the files in /usr/bin are root-owned.
You mean root is the only one with execute permission?

> If I can understand how to set suid on ntpdate that would make it work and
> adjust my time, right?

Well, you would "chmod u+s ntpdate", but that's a bad idea. This screams
out for "sudo". Much safer than SUID.

> But, would ntpdate run all the time I was connected?

I think it exits very quickly (generally; there may be an option to change
that behavior).

> And under those conditions, if it was really being run by root wouldn't
> that be dangerous?

Having an SUID ntpdate is a bad idea. There may be a bug in it (have *you*
reviewed its code?), and being SUID would allow exploitation of that bug.

-- 
"Never go off on tangents, which are lines that intersect a curve at only
 one point and were discovered by Euclid, who lived in the 6th century,
 which was an era dominated by the Goths, who lived in what we now know 
 as Poland." - Unknown from Nov. 1998 issue of Infosystems Executive.
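
An added example (not part of the original message): a POSIX shell audit that lists SUID and SGID files, plus world-writable directories that lack the sticky bit. The sample tree and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the special permission bits discussed above
# (SUID = 4000, SGID = 2000, sticky = 1000) in a directory tree.

# Regular files that run with the file owner's UID (SUID).
list_suid() { find "$1" -xdev -type f -perm -4000 -print; }

# Regular files that run with the owning group's GID (SGID).
list_sgid() { find "$1" -xdev -type f -perm -2000 -print; }

# World-writable directories WITHOUT the sticky bit: any user may delete
# or rename other users' files there.
list_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print
}

# Build a constructed sample tree and print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    : > "$t/plain";     chmod 0755 "$t/plain"
    : > "$t/helper";    chmod 4755 "$t/helper"    # same effect as chmod u+s
    mkdir "$t/shared";  chmod 1777 "$t/shared"    # like /tmp
    mkdir "$t/dropbox"; chmod 0777 "$t/dropbox"   # sticky bit missing
    printf '%s\n' "$t"
}

# Print a short report for the tree rooted at $1.
audit() {
    echo "SUID files:"
    list_suid "$1"
    echo "SGID files:"
    list_sgid "$1"
    echo "World-writable directories without the sticky bit:"
    list_unsticky_dirs "$1"
}

# Demonstration on the constructed tree only; point audit at / to review
# a real system (as root, so that find can read every directory).
tree=$(make_sample_tree) && audit "$tree" && rm -rf "$tree"
```

Every root-owned file reported by list_suid runs with root's privileges for whoever executes it, so each one is worth checking against what the distribution ships.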
