
Can owner technically run setuid and not be able to execute program?

When a setuid program is run, are the permission bits for the owner technically rwx?

I was thinking that the first three permission bits were for the owner, but thinking on it more, if they were ---, this wouldn't make sense as a setUID program.

My understanding is the first three bits are for the user (i.e. the one currently logged in). Is this correct?

When a setuid program is run, are the permission bits for the owner technically rwx?

No.

When a setuid program is run, then (from chmod):

Executable files with this bit set will run with effective uid set to the uid of the file owner.

Nothing more, nothing less. The first three permission bits are for the owner, as you say. And yes, if the user did not have execute permission, that wouldn't make sense (and it wouldn't be an "executable file").

Is there a specific case you have in mind that you're having trouble testing?

You can do this, it will run the program with the effective uid of the owner.

However, it just won't work as you expect for setuid root binaries invoked by root. This is because root doesn't honor permission bits on executables in the way that other users do. When root runs a program it will execute if any of user, group or other executable permissions are present. Given it can execute the file, it will honor the user-setuid bit (but root defaults to effective uid of 0, so it's redundant):

Here are two examples:

  • setuid root (which shows you can't prevent root from executing the program):
$ cp /usr/bin/id .
$ sudo chown root ./id
$ sudo chmod u-rwx ./id
$ sudo ./id
uid=0(root) gid=0(root) groups=0(root)
$ sudo chmod u+s ./id
$ ls -l ./id
---Sr-xr-x 1 2 root tinkerer Dec  5 07:25 ./id
$ ./id -u
0
$ sudo ./id -u
0
  • setuid bin (which shows it works exactly as you expect):
$ cp /usr/bin/id .
$ sudo chown bin ./id
$ sudo chmod u-rwx ./id
$ sudo -u bin ./id
sudo: unable to execute ./id: Permission denied
$ sudo chmod u+s ./id
$ ls -l ./id
---Sr-xr-x 1 2 bin tinkerer Dec  5 07:30 ./id
$ ./id -u
2
$ sudo ./id -u
2
$ sudo -u bin ./id
sudo: unable to execute ./id: Permission denied
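To make the rule in the answer above checkable without sudo, here is an added example (not from the original post or any project) that parses the permission field ls -l prints and models the execve permission check plus the setuid effect: only one class of bits is consulted for an ordinary user, while uid 0 needs just some execute bit. The uid/gid numbers for root, bin and tinkerer are assumed for illustration.

```python
import stat

# Assumed uid/gid values for the users in the post (bin is uid 2, as `id -u` showed).
ROOT, BIN, TINKERER = 0, 2, 1000

def parse_ls_mode(field: str) -> int:
    """Turn an ls -l permission field such as '---Sr-xr-x' (with or without the leading
    file-type character) into st_mode permission bits. In the owner execute slot 's'
    means setuid plus execute, upper-case 'S' means setuid without execute."""
    perm = field[-9:]
    plain = [stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR,
             stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP,
             stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH]
    special = {2: (stat.S_ISUID, "sS"), 5: (stat.S_ISGID, "sS"), 8: (stat.S_ISVTX, "tT")}
    mode = 0
    for i, ch in enumerate(perm):
        if ch == "-":
            continue
        if i in special and ch in special[i][1]:
            mode |= special[i][0]
            if ch.islower():           # lower case: the execute bit is set as well
                mode |= plain[i]
        elif ch == "rwx"[i % 3]:
            mode |= plain[i]
        else:
            raise ValueError(f"bad mode character {ch!r} at position {i}")
    return mode

def exec_euid(mode: int, file_uid: int, file_gid: int, uid: int, gids: set):
    """Model execve's DAC check and the setuid effect. Returns the effective uid the
    new process gets, or None when execve would fail with EACCES.
    Ordinary users: owner bits if uid matches, else group bits, else other bits.
    uid 0 (CAP_DAC_OVERRIDE) only needs *some* execute bit to be set.
    Not modelled: nosuid mounts, no_new_privs, and scripts (setuid is ignored there)."""
    if uid == 0:
        allowed = mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
    elif uid == file_uid:
        allowed = mode & stat.S_IXUSR
    elif file_gid in gids:
        allowed = mode & stat.S_IXGRP
    else:
        allowed = mode & stat.S_IXOTH
    if not allowed:
        return None
    return file_uid if mode & stat.S_ISUID else uid

if __name__ == "__main__":
    m = parse_ls_mode("---Sr-xr-x")          # the mode shown by ls -l in both examples
    for owner, caller, gids in [(ROOT, ROOT, {ROOT}), (ROOT, TINKERER, {TINKERER}),
                                (BIN, BIN, {BIN}), (BIN, TINKERER, {TINKERER}), (BIN, ROOT, {ROOT})]:
        print(f"owner={owner} caller={caller} -> euid {exec_euid(m, owner, TINKERER, caller, gids)}")
```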
