Annotated edit history of
SUID version 3, including all changes.
View license author blame.
| Rev |
Author |
# |
Line |
| 3 |
CraigBox |
1 |
A [SUID] program (short for Set [UID]) is when a program has the <tt>u+s</tt> permission bit set. This means that the program runs with the Effective UID (EUID|UID] of the person that owns the file, not the person that runs the program. For instance, a SUID program owned by <tt>root</tt> would run as <tt>root</tt>, instead of a normal user when executed. |
| 1 |
CraigBox |
2 |
|
| |
|
3 |
To run a progam completely as a new user, it needs to be SUID to that user, and you need to execute |
| |
|
4 |
|
| |
|
5 |
<verbatim> |
| |
|
6 |
setregid( getegid(), getegid() ); |
| |
|
7 |
setreuid( geteuid(), getegid() ); |
| |
|
8 |
</verbatim> |
| |
|
9 |
|
| 2 |
CraigBox |
10 |
Many progams need this, as they will drop any [EUID|UID] permissions on startup. You can do so using: |
| 1 |
CraigBox |
11 |
|
| |
|
12 |
<verbatim> |
| |
|
13 |
setregid( getgid(), getgid() ); |
| |
|
14 |
setreuid( getuid(), getuid() ); |
| |
|
15 |
</verbatim> |
