Setting 'suid' bit for a program

Setting 'suid' bit for a program

Post by Toby Cree » Wed, 14 Jan 1998 04:00:00




> Hello,

>      For my program I have set 'suid' bit and changed
> the owner to root, so that effective user id becomes
> root when the program runs. But run time loader gives
> following error when it is run by a user other
> than root.
>      "/sbin/loader : Fatal error : can not map libf.so"
>    "libf.so" is a shared library used by the program. I
> checked that library search path set properly. I observed
> following things with the program.

> * If the program is run by root, then there is no problem.
> * If I don't do any of "setting suid" or "changing owner to root",
>   then also run time loader does n't crib.
> * I tried changing owner of libf.so to root,even then also
>   program did n't work.

>            Let me know if you have any answer for this.
>  I am working on Digital Unix 4.0

If libf.so in /usr/lib?  Most *nix variants will ignore LD_LIBRARY_PATH
if set when the program is euid(0) to prevent replacement of a shared
object with rogue code that runs as root.  Under Solaris, the solution
is to compile with -R/path/to/lib to hardcode a search path.

I've worked with DU before, but I never tried this.

Toby
--
Toby Creek - UNIX System Administrator
Alcatel Telecom, 2912 Wake Forest Road, Raleigh, NC
Phone +1 919 850 6465 / Fax +1 919 850 6703

 
 
 

Setting 'suid' bit for a program

Post by Andrew Giert » Wed, 14 Jan 1998 04:00:00


 Kamal> Hello,
 Kamal>      For my program I have set 'suid' bit and changed
 Kamal> the owner to root, so that effective user id becomes
 Kamal> root when the program runs. But run time loader gives
 Kamal> following error when it is run by a user other
 Kamal> than root.
 Kamal>      "/sbin/loader : Fatal error : can not map libf.so"
 Kamal>    "libf.so" is a shared library used by the program. I
 Kamal> checked that library search path set properly.

Any library search path taken from the environment or any other
insecure source (I don't know DU, so I can't be more specific) will be
ignored by a suid program.

--
Andrew.

 
 
 

1. What's the 'suid bit' ?

Since I upgraded to RH5.0, Netscape 4.04 takes two or three MINUTES(|)
to start, freezes a lot, and leaves this strange message in the Xterm
window from whence it was started...

    Warning:  This program is an suid-root program or is being run by
the root user.  The full text of the error or warning message cannot be
safely formatted in this environment.  You may get a more descriptive
message by running the program as a non-root user or by removing the
suit bit on the executable.
    Warning:  Cannot convert string "%s" to type %s.

What could this mean?

I've tried running it as a non-root user, but the message - and the
problems - remain.

Thanks for maybe pointing my toward an answer.

--

The box said 'WIN95 or better.' so I installed LINUX!
  HEAR MY VOICEOVER DEMO AT http://www.anncrman.com
           OR BY TELEPHONE AT (212)595-0314

2. [RESEND] POSIX ACL configuration option

3. Don't know how to set terminal 'dumb' to 8-bit...

4. Soundmax drivers

5. suid-bit - where's the problem

6. Linux on CD-ROM

7. suid-bit - i still don't get it

8. 64 bit linux kernel 2.6.2 for IA64 (Itanium2)

9. How do I set parity/data bits in 'cu'?

10. How do I set the 'sticky' bit ?

11. getting suid program to output to user's term

12. dip says 'set HOSTNAME', but it's set

13. suid root program can't call system(3)