reader@hacking:~/booksrc $ sudo su jose
jose@hacking:/home/reader/booksrc $ id
uid=501(jose) gid=501(jose) groups=501(jose)
jose@hacking:/home/reader/booksrc $
As the user jose, the simplenote program will run as jose if it is executed,
but it won't have access to the /tmp/notes file. This file is owned by the user
reader, and it only allows read and write permission to its owner.
jose@hacking:/home/reader/booksrc $ ls -l /tmp/notes
-rw------- 1 reader reader 36 2007-09-07 05:20 /tmp/notes
jose@hacking:/home/reader/booksrc $ ./simplenote "a note for jose"
[DEBUG] buffer @ 0x804a008: 'a note for jose'
[DEBUG] datafile @ 0x804a070: '/tmp/notes'
[!!] Fatal Error in main() while opening file: Permission denied
jose@hacking:/home/reader/booksrc $ cat /tmp/notes
cat: /tmp/notes: Permission denied
jose@hacking:/home/reader/booksrc $ exit
exit
reader@hacking:~/booksrc $
This is fine if reader is the only user of the simplenote program; however,
there are many times when multiple users need to be able to access certain
portions of the same file. For example, the /etc/passwd file contains account
information for every user on the system, including each user's default login
shell. The command chsh allows any user to change his or her own login shell.
This program needs to be able to make changes to the /etc/passwd file, but
only on the line that pertains to the current user's account. The solution to
this problem in Unix is the set user ID (setuid) permission. This is an
additional file permission bit that can be set using chmod. When a program
with this flag is executed, it runs as the user ID of the file's owner.
reader@hacking:~/booksrc $ which chsh
/usr/bin/chsh
reader@hacking:~/booksrc $ ls -l /usr/bin/chsh /etc/passwd
-rw-r--r-- 1 root root 1424 2007-09-06 21:05 /etc/passwd
-rwsr-xr-x 1 root root 23920 2006-12-19 20:35 /usr/bin/chsh
reader@hacking:~/booksrc $
The chsh program has the setuid flag set, which is indicated by an s in the
ls output above. Since this file is owned by root and has the setuid
permission set, the program will run as the root user when any user runs
this program. The /etc/passwd file that chsh writes to is also owned by root
and only allows the owner to write to it. The program logic in chsh is
designed to only allow writing to the line in /etc/passwd that corresponds to
the user running the program, even though the program is effectively running
as root. This means that a running program has both a real user ID and an
effective user ID. These IDs can be retrieved using the functions getuid()
and geteuid(), respectively, as shown in uid_demo.c.