
Set UID Script

What is SUID?

SUID, Set User-ID, is one of the most elegant concepts in UNIX. The usual definition is that it is an extended file permission which lets a user execute a program as if the owner of the file were executing it: the process runs with the file owner's user ID as its effective UID, while the caller stays the real UID.

Let us work through a case study right away to understand what the SUID bit is and how to use it.

The user root writes a simple script:

#cat suidtest.sh

#!/bin/bash

dt=`date`

echo $USER  $dt  >> /stest/log

echo "Updated the log file successfully."

The above is a simple shell script which appends the username and date-time to a log file and echoes a confirmation message.

#chmod 755 suidtest.sh

# mv suidtest.sh /usr/bin

Check the file permissions of both files:

-rwxr-xr-x  1 root root 60 Jun 24 21:44 suidtest.sh

-rw-r--r--  1 root root  0 Jun 24 21:44 log

#./suidtest.sh

Updated the log file successfully.

#cat /stest/log

root Fri Jun 25 08:01:16 IST 2010

Create a user called smart.

Now the user 'smart' has been told to run this script every day. Since suidtest.sh has execute permission for others, 'smart' can execute the script.

The user 'smart' logs into his account and does:

$which suidtest.sh

/usr/bin/suidtest.sh

$suidtest.sh

suidtest.sh: line 3: /stest/log: Permission denied

When smart runs the script, the shell process runs as 'smart', so the redirection tries to open the file 'log' for writing as 'smart', who has no write permission on it; hence the error.

At first sight the obvious solution is to give 'smart' write permission on the file 'log'. Let's try it and see.

The user 'root' gives the write permission on the log file:
 

#chmod o+w log

#ls -l log

-rw-r--rw-  1 root root  20 Jun 24 21:44 log

Now, the user 'smart' tries to run the script:

$suidtest.sh

Updated the log file successfully.

$cat /stest/log

root Fri Jun 25 08:01:16 IST 2010

smart Fri Jun 25 08:41:16 IST 2010

The script ran successfully. However, the problem is not solved; it has become bigger. The 'write' permission was given on the 'log' file to let 'smart' run the script, but it equally lets 'smart' open the 'log' file in an editor and change or erase any entry. Because 'others' now has 'write' permission, every user on the system can do the same.

So we want a solution wherein 'smart' cannot edit the 'log' file directly but can still run the script 'suidtest.sh', which updates the 'log' file. In other words, we want a permission by which a process whose real user is smart runs with the effective permissions of root for the duration of suidtest.sh.

This is where SUID comes in. When the SUID bit is set on an executable, whoever runs it gets a process whose effective user ID is the file's owner, and file-permission checks are made against that effective ID. The SUID bit is set by adding the 's' bit in the user field, as shown below (the o+w workaround is undone first):

#chmod o-w log

#chmod u+s suidtest.sh

#ls -l suidtest.sh log

-rwsr-xr-x  1 root root 60 Jun 24 21:44 suidtest.sh

-rw-r--r--  1 root root 20 Jun 24 21:44 log

Once the SUID bit is applied, any user who runs the executable runs it with the owner's effective user ID. So when 'smart' runs suidtest.sh, the kernel would check the open of the 'log' file against root's permissions, and 'smart' could update the 'log' file through the script without being able to edit it directly.

That is the intended behaviour, and it is exactly what a compiled setuid program gets. A setuid shell script is the exception: the Linux kernel ignores the SUID bit on interpreted (#!) scripts, because what actually executes is the interpreter, not the script file, and the script could be swapped between the kernel's permission check and the interpreter's re-open of the file. bash additionally drops an elevated effective UID back to the real UID unless it is started with -p. So on a Red Hat (or any Linux) system, the run by 'smart' still fails exactly as before:

$suidtest.sh

suidtest.sh: line 3: /stest/log: Permission denied

Put the same logic into a small compiled program owned by root with mode 4755 (or, more simply, add a sudoers rule that lets 'smart' run the script as root), and 'smart' gets the intended result:

$suidtest.sh

Updated the log file successfully.

$cat /stest/log

root Fri Jun 25 08:01:16 IST 2010

smart Fri Jun 25 08:41:16 IST 2010

smart Fri Jun 25 08:52:03 IST 2010

This is how the SUID bit works. Two things to keep in mind before setting it. First, the script takes the caller's name from $USER, an environment variable the caller controls; a privileged version should derive the name from the real UID instead, or the log will record whatever name the caller chooses. Second, every setuid-root program is a privilege boundary: keep it tiny, do not call a shell from it, and audit the system for such files periodically with find / -perm -4000.
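The following is an added example, not code from the original page: a minimal compiled replacement for suidtest.sh that actually works as a setuid-root program on Linux. It assumes the page's log path /stest/log and the usual build and install steps (gcc -o suidlog suidlog.c; chown root:root suidlog; chmod 4755 suidlog; the program name and the function names are this example's own). Unlike the script, it takes the caller's name from the real UID via getpwuid(getuid()) rather than from $USER, opens the log with O_APPEND and O_NOFOLLOW so a single write cannot interleave with another caller or follow a planted symlink, and never invokes a shell.

```c
/* suidlog.c: added example of a setuid-root logger replacing suidtest.sh.
 * Not from the original page. Build, then: chown root:root suidlog; chmod 4755 suidlog */
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700
#endif
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#define LOG_PATH "/stest/log"   /* assumed: the page's log file */

/* Build one log line "user Fri Jun 25 08:01:16 UTC 2010\n" into buf.
 * Uses UTC so the output does not depend on the caller's TZ environment.
 * Returns the line length, or -1 if buf is too small or inputs are invalid. */
int format_log_line(char *buf, size_t len, const char *user, time_t now)
{
    struct tm *tm;
    char ts[40];

    if (buf == NULL || user == NULL || (tm = gmtime(&now)) == NULL)
        return -1;
    if (strftime(ts, sizeof ts, "%a %b %e %H:%M:%S UTC %Y", tm) == 0)
        return -1;

    int n = snprintf(buf, len, "%s %s\n", user, ts);
    if (n < 0 || (size_t)n >= len)
        return -1;
    return n;
}

/* Append a single log line for `user` to `path`, as the page's script does.
 * The file must already exist (no O_CREAT), so a missing log is an error rather
 * than a root-owned file created wherever the caller points us; O_NOFOLLOW refuses
 * a symlink at the path; O_APPEND with one write() keeps entries from interleaving.
 * Returns 0 on success, -1 on failure. */
int append_log_entry(const char *path, const char *user, time_t now)
{
    char line[128];
    int n = format_log_line(line, sizeof line, user, now);
    if (n < 0)
        return -1;

    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    ssize_t w = write(fd, line, (size_t)n);
    close(fd);
    return (w == (ssize_t)n) ? 0 : -1;
}

int main(void)
{
    /* Identify the caller by the real UID the kernel reports. $USER is just an
     * environment variable and can be set to anything before running a setuid
     * program, so it must not be trusted here. */
    struct passwd *pw = getpwuid(getuid());
    const char *user = (pw != NULL) ? pw->pw_name : "unknown";

    if (append_log_entry(LOG_PATH, user, time(NULL)) != 0) {
        perror(LOG_PATH);
        return 1;
    }
    puts("Updated the log file successfully.");
    return 0;
}
```

With mode 4755 on the binary and the log left at 0644 root:root, 'smart' can append a line by running the program but still cannot open /stest/log for writing directly, which is the outcome the page was after. For a one-off administrative task, a sudoers entry restricting 'smart' to this single command is usually the simpler and more auditable choice.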
