Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!ames!pacbell!att-ih!occrsh!jal
From: jal@occrsh.ATT.COM (J_Allen_Schones)
Newsgroups: comp.unix.wizards
Subject: Re: access(2) (was: Writing to A NON-Existing File in "C")
Message-ID: <267@occrsh.ATT.COM>
Date: 22 Apr 88 17:32:26 GMT
References: <9654@jplgodo.UUCP> <14020030@hpisod2.HP.COM> <887@cresswell.quintus.UUCP> <975@unmvax.unm.edu>
Reply-To: jal@occrsh.UUCP (J_Allen_Schones)
Organization: AT&T Network & Data Systems, OKC
Lines: 76
Keywords: access(2), getuid(2), geteuid(2)
Summary: Not on my system.

In article <975@unmvax.unm.edu> mike@turing.UNM.EDU.UUCP (Michael I. Bushnell) writes:
[ Much stuff deleted. ]
>Not really.  But there is another way it can run under suid
>conditions:
>
>% whoami
>foo
>% su
>Password:
># nifty_program
>
>
>Note that nifty program will now have REAL uid foo and EFFECTIVE uid
>root.
>
[ .signature deleted ]

Is nifty_program(1) :-) setuid or just a regular (non-setuid) program?

I can't speak for BSD systems, but on a 3B15 running System V Rel. 3.1.1
UNIX (trademark of AT&T), nifty_program (running non-setuid) will have
both REAL and EFFECTIVE uid set to root.  nifty_program (running setuid)
will have REAL uid root and EFFECTIVE uid foo.

su(1) does a "setuid(geteuid())" when you run it.

Two programs:

nifty.c:

	#include <stdio.h>
	#include <unistd.h>

	/* Print the real and effective uid of the running process. */
	int main()
	{
		printf("uid == %d\n", (int)getuid());
		printf("euid == %d\n", (int)geteuid());
		return 0;
	}

setuid.c:

	#include <stdio.h>
	#include <unistd.h>

	/* Installed setuid (owner jal); it only execs ./nifty. */
	int main()
	{
		execlp("./nifty", "nifty", (char *)0);
		return 1;	/* reached only if the exec failed */
	}

Session follows:

	$ ls -l
	total 42
	-rwxr-xr-x   1 jal      user1      13536 Apr 22 12:14 nifty
	-rw-r--r--   1 jal      user1        113 Apr 22 12:02 nifty.c
	-rwsr-xr-x   1 jal      user1       5180 Apr 22 12:14 setuid
	-rw-r--r--   1 jal      user1         63 Apr 22 12:14 setuid.c
	$ id
	uid=326(jal) gid=300(user1)
	$ ./nifty
	uid == 326
	euid == 326
	$ ./setuid
	uid == 326
	euid == 326
	$ su
	Password:
	# id
	uid=0(root) gid=3(sys)
	# ./nifty
	uid == 0
	euid == 0
	# ./setuid
	uid == 0
	euid == 326

End of session.

-- 
J. Allen Schones -- AT&T -- Oklahoma City Works
MAIL:  7725 W. Reno -- Oklahoma City, OK -- 73125 -- Dept: 11OC0307720
PHONE: (405) 491-4950 | UUCP: {AT&T}!okcedu!jal
FAX:   (405) 491-4530 Attn: Schones 0772 x4950
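
The uid transitions in the session above, written out as a small model that runs without any privileges. This is an added example, not part of the original post; struct cred, do_exec, do_setuid, run_su and run_setuid_wrapper are hypothetical names, and the exec/setuid rules are a simplified System V style model, not kernel code.

```c
/* Added example: simplified model of uid handling across exec and setuid. */
#include <stdio.h>

struct cred { int ruid, euid, suid; };	/* real, effective, saved uid */
enum { ROOT = 0, JAL = 326 };		/* uids taken from the session */

/* exec(2): a setuid file changes the effective uid only; real uid is kept. */
static struct cred do_exec(struct cred c, int owner, int setuid_bit)
{
	if (setuid_bit)
		c.euid = owner;
	c.suid = c.euid;
	return c;
}

/* setuid(2): root sets all ids; others may only pick real or saved uid. */
static int do_setuid(struct cred *c, int uid)
{
	if (c->euid == ROOT)
		c->ruid = c->suid = uid;
	else if (uid != c->ruid && uid != c->suid)
		return -1;		/* EPERM */
	c->euid = uid;
	return 0;
}

/* su as described in the post: setuid-root, then setuid(geteuid()).
 * calls_setuid = 0 models an su that skips that call (assumption). */
static struct cred run_su(struct cred c, int calls_setuid)
{
	c = do_exec(c, ROOT, 1);
	if (calls_setuid)
		(void)do_setuid(&c, c.euid);
	return do_exec(c, ROOT, 0);	/* the shell itself is not setuid */
}

/* ./setuid (owner jal, setuid bit set) which execs ./nifty (not setuid) */
static struct cred run_setuid_wrapper(struct cred c)
{
	c = do_exec(c, JAL, 1);
	return do_exec(c, JAL, 0);
}

int main(void)
{
	struct cred sh = run_su((struct cred){ JAL, JAL, JAL }, 1);
	struct cred w = run_setuid_wrapper(sh);
	printf("su: %d/%d  ./setuid: %d/%d\n", sh.ruid, sh.euid, w.ruid, w.euid);
	return 0;
}
```

With calls_setuid set to 0 the model yields real uid 326 and effective uid 0 after su, the outcome described in the quoted article; with it set to 1 it yields the uids shown in the session.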