Login/Register
Semantics of SUID (Set-User-ID)
Asked Answered
Solved pythonpermissionssemanticssuid
R

3

6

it seems that I have some trouble understanding the semantics of the SUID bit, perhaps someone can help me clarify the situation.

My understanding of the semantic of the SUID bit are as follows: When I set the SUID bit with a file, then the file will be executed as the owner of the file and not as the caller of the file. So to test this behavior I wrote the following python script:

#!/usr/bin/python3 -O

import os

def main():
        print('Real UserID: %d' % os.getuid())
        print('Effective UserID: %d' % os.geteuid())

if __name__ == '__main__':
        main()

After that I created a user named "testuser" with the corresponding group "testuser" and adjusted the file permissions (chown testuser file, chgrp testuser file, chmod u+s,g+x file). Next I added my main user to the "testuser" group so that I can execute the file as a member of the group. After all that the file permissions looked like this:

-rwsr-xr-- 1 testuser testuser  168 2011-04-02 13:35 procred.py*

So when I am login as the testuser the script produces the output:

Real UserID: 1001
Effective UserID: 1001

...and when I run the script as my main user the script outputs:

Real UserID: 1000
Effective UserID: 1000

Now as of my understanding the script should have run as the user with the uid 1001 (the owner of the file) in the latter execution. Am I getting the whole concept wrong or where is my mistake?

Reimpression answered 2/4, 2011 at 12:56 Comment(0)
S
8

Setting the SUID bit on a *.py file does not help in any way here since the script is executed by the Python interpreter which must be set SUID in this case. Using 'sudo' is your better friend here.

Swindell answered 2/4, 2011 at 13:2 Comment(0)
G
4

Setting SUID does not work for scripts, because the kernel sees the #! (shebang - magic number 0x23 0x21 - man magic) and drops the privileges before calling the interpreter /usr/bin/python with the script as input. A way around is setting the python interpreter SUID root and add functionality to change privileges to the user owning the script before executing the script, in case SUID bit is set. Doing this in a naive way will impose security problems. How to do it in a smart way can be found here: http://perldoc.perl.org/perlsec.html

Additional Links:

Gerfalcon answered 2/4, 2011 at 16:9 Comment(0)
J
0

I found this link in the web. you can set SUID to this wrapper and use this one. but personally prefer sudo solution. ;)

Juxon answered 11/5, 2011 at 10:7 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.