SUID Root Scripts on Linux Question

SUID Root Scripts on Linux Question

Post by Christopher R. Carle » Mon, 11 Dec 2000 01:52:48



Hi:

If one creates a SUID root binary executable (which appears to be Ok in
Linux), that program is executed by a user, and that program then execs
a shell script owned by a user, does that script run with user or root
privilege?

Thanks.
--
_____________________
Christopher R. Carlen

Linux 2.2.10

 
 
 

SUID Root Scripts on Linux Question

Post by Scott Schaefe » Mon, 11 Dec 2000 04:05:35


"By default", the script would execute with "root privelege" -- i.e.
it would execute with effective user id = 0.  

By using kernel "capabilities", you can limit the priveleges of the
shell script in a number of ways -- indeed, in the example you give,
the script will run with only those capabilities which were allowed
to the SUID binary AND which that binary 'gives away' AND which are
inheritable by the shell which is exec'ed AND which are allowed to the
shell.


> Hi:

> If one creates a SUID root binary executable (which appears to be Ok in
> Linux), that program is executed by a user, and that program then execs
> a shell script owned by a user, does that script run with user or root
> privilege?

> Thanks.
> --
> _____________________
> Christopher R. Carlen

> Linux 2.2.10


 
 
 

SUID Root Scripts on Linux Question

Post by Tim Hayne » Mon, 11 Dec 2000 02:54:10



Quote:> If one creates a SUID root binary executable (which appears to be Ok in
> Linux), that program is executed by a user, and that program then execs a
> shell script owned by a user, does that script run with user or root
> privilege?

Root unless changed otherwise.

Consider:

    #include <stdio.h>
    #include <unistd.h>
    #include <sys/types.h>

    int main(void)
    {
      printf("This is me: %d\n", getuid());
      system("/usr/bin/id");
      printf("This is me: %d\n", getuid());
      return 0;
    }

Normally, with no setuid stuff:

 | zsh, straw  5:48PM foo % ./thingy
 | This is me: 1000 1000
 | uid=1000(tim) gid=1000(tim) groups=1000(tim),4(adm),6(disk),29(audio)
 | This is still me: 1000 1000
 | zsh, straw  5:48PM foo %

but with setuid-root ownership:

 | zsh, straw  5:52PM foo % ll thingy
 | -rwsr-xr-x    1 root     tim       5227 Dec  9 17:51 thingy*
 | zsh, straw  5:52PM foo % ./thingy
 | This is me: 1000
 | uid=1000(tim) gid=1000(tim) euid=0(root) groups=1000(tim),4(adm),6(disk),29(audio)
 | This is me: 1000
 | zsh, straw  5:52PM foo %

Note the effective UID. It means the program can call setuid() itself and
become really root if it wants.

~Tim
--

Is touching the sacred earth                    | http://piglet.is.dreaming.org
And warming the hallowed ground                 |
.

 
 
 

SUID Root Scripts on Linux Question

Post by Walter Dn » Thu, 14 Dec 2000 15:32:31



> "By default", the script would execute with "root privelege" -- i.e.
> it would execute with effective user id = 0.  

> By using kernel "capabilities", you can limit the priveleges of the
> shell script in a number of ways -- indeed, in the example you give,
> the script will run with only those capabilities which were allowed
> to the SUID binary AND which that binary 'gives away' AND which are
> inheritable by the shell which is exec'ed AND which are allowed to the
> shell.

  How would you handle the following, which is so simple under
Windows<g>.  I normally run X at 1024x768 display. I occasionally watch
internet TV.  Depending on the site, I may want to watch in 320x200 or
400x300 or 512x384 resolution.  Yes, I *KNOW* about CTRL-ALT-PLUS and
MINUS.  That merely gives me a magnified viewport into the 1024x768
original screen.  Moving the pointer to the edge moves the RealPlayer
screen off my monitor.  What I'd like to do is change the "modeline" in
/etc/X11/XF86Config by running sed from startx.  That way, I'd get X to
start up at the desired resolution.  Can a perl script be run setuid ?
Or is a compiled language required ?

--
Walter Dnes

 
 
 

SUID Root Scripts on Linux Question

Post by Michael Erskin » Fri, 15 Dec 2000 06:49:17




> > "By default", the script would execute with "root privelege" -- i.e.
> > it would execute with effective user id = 0.

> > By using kernel "capabilities", you can limit the priveleges of the
> > shell script in a number of ways -- indeed, in the example you give,
> > the script will run with only those capabilities which were allowed
> > to the SUID binary AND which that binary 'gives away' AND which are
> > inheritable by the shell which is exec'ed AND which are allowed to the
> > shell.

>   How would you handle the following, which is so simple under
> Windows<g>.  I normally run X at 1024x768 display. I occasionally watch
> internet TV.  Depending on the site, I may want to watch in 320x200 or
> 400x300 or 512x384 resolution.  Yes, I *KNOW* about CTRL-ALT-PLUS and
> MINUS.  That merely gives me a magnified viewport into the 1024x768
> original screen.  Moving the pointer to the edge moves the RealPlayer
> screen off my monitor.  What I'd like to do is change the "modeline" in
> /etc/X11/XF86Config by running sed from startx.  That way, I'd get X to
> start up at the desired resolution.  Can a perl script be run setuid ?
> Or is a compiled language required ?

How about just making three or four cooies of the XF86Config file say:

XFConfig
XF86Config.320x200
XF86Config.400x300
XF86Config.640x480

Then writing your compiled program would be trivial because all you would
have to to is copy the file you want to XF86Config and restartx...  Now
Here is a quick hack.  I do not even know that it will compile, use at
your own risk AND ONLY AFTER YOU CHECK paths, filenames, etc... etc...

#include <stdlib.h>
#include <stdio.h>

int main(int argc, char *argv[]) {
        if (atoi(argv[argc-1])==1) {
                system("/bin/cp /etc/XFConfig.320x200 /etc/XFConfig");
        } else if (atoi(argv[argc-1])==2) {
                system("/bin/cp /etc/XFConfig.400x300 /etc/XFConfig");
        } else if (atoi(argv[argc-1]==3) {
                system("/bin/cp /etc/XFConfig.640x480 /etc/XFConfig");
        } else {
                printf("Dooo, 1 or 2 or 3?\n");
                exit(-1);
        }
        exit(0);

Quote:}

--
Complexity sux; KISS works.  Tim Haynes
 
 
 

SUID Root Scripts on Linux Question

Post by elle.. » Fri, 15 Dec 2000 15:30:41



>> screen off my monitor.  What I'd like to do is change the "modeline" in
>> /etc/X11/XF86Config by running sed from startx.  That way, I'd get X to
>> start up at the desired resolution.  Can a perl script be run setuid ?
>> Or is a compiled language required ?
> How about just making three or four cooies of the XF86Config file say:

Or simply 'startx -- -xf86config <file>' which will work for all users
provided the config file is in the config search path. See XFree86(1)
and XF86Config(5x) which explains the restrictions a bit better. This
is much less of a blecherous hack than an suid wrapper to overwrite
the config file.

To answer the original question, though, the way to do it is use the
functions in -lXxf86vm such as XF86VidModeSetViewPort(3X11) which is
how xvidtune -next cycles through video modes. This is alot less
hackish than programatically editing the config file, and lets you
change the resolution without restarting the server.

Either of the above "solves" the problem without any suid activity.

--

 
 
 

SUID Root Scripts on Linux Question

Post by Michael Erskin » Sat, 16 Dec 2000 09:20:34


Thanks elleron.  Never had the need to do that one.  

Quote:> Either of the above "solves" the problem without any suid activity.

Ah, *nix, one can never know it all, eh?
;-)
> --


 
 
 

1. Two SUID-ROOT SCRIPT questions

Hi,
        By coincidence I now have two requirements for which the regular users on my Solaris 2.5 system must be able to run programs with root privileges.

The first is a data acquisition program that must be run in the REAL-TIME class.
As root I put the process into the RT class by running 'priocntl'. However, if I put this into an SUID-ROOT Bourne script, priocntl refuses to change the scheduler class of the process.

In another completely different case, I have setup scripts that perform root functions when a PPP connection is made. In this case, I am using the 'dp 4.0' dialup ppp program. Does anyone know what permission/ ownership changes need to be made to drivers etc. when trying to run them from an SUID_ROOT script. Or maybe the problem is intractible.

I have just downloaded the 'sudo' package and will try this as a replacement for the script solution. Has anyone else had success with this?

        Thanks,

                Henry

Henry Leparskas,
UWO Astronomy
London, ON, Canada

2. Pl. Help! IBM International ISDN PC CARD + Redhat Linux

3. How to securely execute SUID ROOT shell scripts?

4. How to configure fonts in XTerm?

5. SUID bit on Redhat : Run script as root

6. RH 7.3 setup as ftp server

7. setting root SUID for an executable shell script

8. How to connect a digitizer

9. why don't my suid root shell scripts work under Solaris 2.5?

10. Suid root scripts in /tmp ???

11. usermod in SUID root script

12. setting root SUID for an executable shell script

13. problem with suid root shell scripts