Thursday, August 27, 2015

How to deal with SUID and SGID?

SUID

If you own an executable and its SUID (set-user-ID) bit is set, then when another user runs it the process runs with your effective user ID, not theirs. Without the bit, a program always runs as whoever started it.

A good example of the use of SUID is the "whoami" command, which prints the effective user ID of the process that runs it. The binary is owned by root, so once the bit is set it reports root for every caller. This is a demonstration only: never leave the bit on whoami in real life, and remove it again as the last command below does.

$ whoami
lee

$ sudo chmod u+s /usr/bin/whoami

$ whoami
root

$ sudo chmod u-s /usr/bin/whoami


Example: 2

Another good example of the use of the SUID bit is /usr/bin/passwd.

Only root has permission to modify the /etc/passwd file (on Linux the password hashes are kept in /etc/shadow, which ordinary users cannot even read). If that is the case, how can a normal user change his own password?

# ls -l /etc/passwd
-rw-r--r-- 1 root sys 6001 Aug 27 10:00 /etc/passwd

# ls -l /usr/bin/passwd
-r-sr-sr-x root sys 27228 Aug 16 2007 /usr/bin/passwd

/usr/bin/passwd has its SUID bit set (this listing is from a Solaris-style system with group sys; on Linux it is usually -rwsr-xr-x root root). That means, irrespective of the user who invokes the passwd program, the process runs with the effective user ID of the file's owner (here root), which grants it permission to modify /etc/passwd. The check that a caller may only change his own entry is done by the passwd program itself, which is why any bug in a set-ID program is a potential privilege escalation.


Example: 3

-rwxrwxrwx  lee  admin  test1
-rwx------  lee  admin  test2

Here test1 is a program intended to write some content to test2. Because test1 has execute permission for others, other users can run it, but they have no write permission on test2, so the write fails with "Permission denied".

The solution is to enable SUID on test1:

-rwsrwxrwx  lee  admin  test1
-rwx------  lee  admin  test2

Now the program runs with lee's effective user ID (the real user ID stays the caller's), so it can open test2 for writing on behalf of other users. Two caveats matter here. First, the kernel on Linux and most current Unix systems ignores the set-ID bits on "#!" interpreter scripts, so test1 must be a compiled binary for this to work; a shell script with the s bit set simply runs as the caller. Second, test1 is world-writable in the listing above, which means anyone can replace the code that will run as lee; the bit belongs on a file with mode -rwsr-xr-x (chmod 4755), never 4777.
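The following is an added example, not code from the original post: a compiled stand-in for the post's test1 that shows what the SUID bit actually changes (real versus effective IDs), does the privileged write, and then drops the privilege for good. The file name test2 and the owner lee come from the post; hard-coding the target instead of taking it from argv is a deliberate choice, because a set-ID program that writes wherever the caller says lets any user write any file the owner can.

```c
/* suid_demo.c: a compiled stand-in for the post's "test1" script.
 * Added example, not code from the original post. Linux (and most current
 * Unix kernels) ignore the set-ID bits on "#!" scripts, so for Example 3 to
 * work test1 has to be a native binary like this one.
 *
 * Build and install as lee:   gcc -O2 -Wall -o test1 suid_demo.c
 *                             chmod 4755 test1        (-rwsr-xr-x)
 */
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* The only file test1 may write (the post's test2). Hard-coded on purpose:
 * taking the path from argv would turn this into "write any file lee can". */
#define TARGET_FILE "test2"

/* 1 when the effective uid/gid differ from the real ones, i.e. the kernel
 * honoured a set-ID bit on this executable; 0 for an ordinary run. */
int running_setuid(void)
{
    return geteuid() != getuid() || getegid() != getgid();
}

/* Append one line to an existing file. No O_CREAT (test2 already exists) and
 * O_NOFOLLOW so a symlink planted at that name cannot redirect the owner's
 * write elsewhere. Returns 0 on success, -1 on failure. */
int append_line(const char *path, const char *line)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0) {
        fprintf(stderr, "open %s: %s\n", path, strerror(errno));
        return -1;
    }
    size_t len = strlen(line);
    int rc = (write(fd, line, len) == (ssize_t)len && write(fd, "\n", 1) == 1) ? 0 : -1;
    close(fd);
    return rc;
}

/* Give the privilege back permanently: real, effective and saved IDs all
 * become the caller's real IDs. Group first, because once the effective uid
 * is unprivileged a later setregid() may be refused. Then prove the saved
 * set-user-ID is really gone by trying, and failing, to become root.
 * Returns 0 on success, -1 if anything did not happen as expected. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (setregid(rgid, rgid) != 0) return -1;
    if (setreuid(ruid, ruid) != 0) return -1;

    if (ruid != 0 && setuid(0) == 0)      /* must be refused with EPERM */
        return -1;
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    return 0;
}

int main(void)
{
    printf("real uid=%u effective uid=%u: %s\n",
           (unsigned)getuid(), (unsigned)geteuid(),
           running_setuid() ? "set-ID in effect" : "no set-ID");

    /* The privileged action happens while euid is the file owner (lee). */
    int rc = append_line(TARGET_FILE, "written with the owner's permissions");

    /* Everything after this point runs as the caller only. */
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("after drop: effective uid=%u\n", (unsigned)geteuid());
    return rc == 0 ? 0 : 1;
}
```

Run it as a different user than lee and the first line shows the real uid (the caller) next to effective uid (lee); run the same binary with the bit cleared and both are the caller, which is exactly what a SUID script shows on Linux.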


And what is SGID used for?

It is used when you want a program to always execute as a member of its owner's group, i.e. with the effective group ID set to the file's group. The same script limitation applies: the bit on test.sh below is shown for the permission string only, since a kernel that ignores set-ID on scripts will run it as the caller.

# chmod 2754 test.sh
# ls -l
total 2
-rwxr-sr-- 1 a435104 ccusers 50 Oct 17 05:28 test.sh

 * 4000 (chmod u+s) is suid; for files execute as owning user (often root).
 * 2000 (chmod g+s) is sgid; for files execute as owning group (often root);

for directories the group on newly created files will be set to the directory's group rather than the creator's group, and on Linux new subdirectories inherit the SGID bit too, so the whole tree stays group-owned. Typically used for shared directories.
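To find out where these bits are actually set on a system, the usual one-liner is find / -perm /6000. The following is an added example, not code from the original post, that does the same walk through stat(2) so the meaning of each mode bit is explicit: it classifies the file and directory cases listed above, treats a set-ID bit without execute permission (an 'S' in ls output) as inert, and flags the set-ID plus world-writable combination that the Example 3 listing shows. Paths and the default /usr/bin root are assumptions for illustration.

```c
/* special_bits.c: audit the set-ID bits described above.
 * Added example, not code from the original post. Reports the same entries
 * as `find / -perm /6000`, via stat(2) so each bit's meaning is spelled out.
 *
 * Build:  gcc -O2 -Wall -o special_bits special_bits.c
 * Run:    ./special_bits /usr/bin
 */
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <ftw.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Classify a st_mode value. For a directory only SGID matters (new files
 * inherit the directory's group). For a file, a set-ID bit with no execute
 * permission at all shows as 'S' in ls (e.g. -rwSr--r--) and is inert,
 * because the bits only act at exec time. */
const char *describe_special(mode_t m)
{
    int suid = (m & S_ISUID) != 0;
    int sgid = (m & S_ISGID) != 0;

    if (S_ISDIR(m))
        return sgid ? "sgid-dir" : "dir";
    if (!suid && !sgid)
        return "none";
    if (!(m & (S_IXUSR | S_IXGRP | S_IXOTH)))
        return "set-id-without-exec";
    if (suid && sgid)
        return "suid+sgid";
    return suid ? "suid" : "sgid";
}

/* 1 when a set-ID executable can be rewritten by anybody: whoever replaces
 * its contents chooses the code that runs as the owner (chmod 4755, never 4777). */
int setid_world_writable(mode_t m)
{
    return (m & (S_ISUID | S_ISGID)) != 0 && (m & S_IWOTH) != 0 && !S_ISDIR(m);
}

static int hits;

/* nftw callback: print every file or directory carrying a set-ID bit. */
static int report(const char *path, const struct stat *sb, int flag, struct FTW *ftw)
{
    (void)ftw;
    if (flag != FTW_F && flag != FTW_D)      /* skip symlinks and unreadable entries */
        return 0;
    if (!(sb->st_mode & (S_ISUID | S_ISGID)))
        return 0;
    hits++;
    printf("%-20s uid=%-6u gid=%-6u %s%s\n", describe_special(sb->st_mode),
           (unsigned)sb->st_uid, (unsigned)sb->st_gid, path,
           setid_world_writable(sb->st_mode) ? "   <-- WORLD-WRITABLE" : "");
    return 0;
}

/* Walk root without following symlinks. Returns the number of set-ID
 * entries found, or -1 if the walk itself failed. */
int scan_special_bits(const char *root)
{
    hits = 0;
    if (nftw(root, report, 16, FTW_PHYS) != 0)
        return -1;
    return hits;
}

int main(int argc, char **argv)
{
    const char *root = argc > 1 ? argv[1] : "/usr/bin";   /* assumed default */
    int n = scan_special_bits(root);
    if (n < 0) {
        perror("nftw");
        return 1;
    }
    printf("%d set-ID entries under %s\n", n, root);
    return 0;
}
```

Running it over / as root gives the baseline list of set-ID programs worth reviewing; anything marked WORLD-WRITABLE, or any set-ID file that is not owned by root or a well-known package, deserves a look first.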




If you found the above topic useful, please leave a comment or reaction.