Setuid binaries and File Ownerships in FreeBSD9.0
jb
jb.1234abcd at gmail.com
Wed Jan 23 21:52:00 UTC 2013
Martin McCormick <martin <at> dc.cis.okstate.edu> writes:
>
> The executable in question is a C program whos file
> permissions are 4755 and the file belongs to root so all files
> it opens are also owned by root and that works properly, but
> what I need is for this application to first open a few files owned by
> the caller and then later, upgrade back to root and write to
> files the caller can not write to. I was hoping to avoid using
> chown and chgrp and simply let the privilege level of the
> application dictate ownership of any file it opens.
>
> When the application first runs, it gets the UID and GID
> of the user and uses
>
> setuid(heruid); and setgid(hergid); to temporarily downgrade and
> those files are owned by the right user but setuid(0); doesn't
> appear to upgrade back to root.
>
> Is there any other strategy that gets one back to root
> short of using chown and then a system call and never
> downgrading privilege?
>
> Thank you.
Unix processes have an effective (EUID, EGID), a real (UID, GID) and a saved
(SUID, SGID) ID.
Get familiar with this document:
http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf
Then verify its validity on your target and current OS.
jb
More information about the freebsd-questions
mailing list