Thread: setuid bit doesn't do the trick!!!

  1. #1
    Join Date
    Feb 2010
    Beans
    166
    Distro
    Ubuntu 10.10 Maverick Meerkat

    setuid bit doesn't do the trick!!!

    I have a folder "share"
    Code:
    eipe@eipe-john:~$ ls -l | grep share
    drwxrwxr-t  2 eipe dev    4096 2010-12-13 21:07 share
    and in share I have an executable file list.sh
    Code:
    -rwsr-sr-- 1 eipe egroup  3 2010-12-12 18:35 list.sh
    There are 2 users in the picture - "eipe" and "tom". Both are members of the "dev" group.

    I read that if the setuid bit is set on an executable file, it causes the program to run as its owner, no matter who executes it. But when tom tries to run list.sh
    Code:
    tom@eipe-john:/home/eipe/share$ ./list.sh
    bash: ./list.sh: Permission denied
    Regards,
    John Eipe
    http://www.developers-notebook.info

  2. #2
    Join Date
    May 2009
    Location
    Colorado, USA
    Beans
    87
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: setuid bit doesn't do the trick!!!

    Look at the group id for the directory and script, and group membership for the two users. The users are group dev, but the script is owned by group egroup. Change the group ownership on the script to dev or put your users in egroup.
    MSI Wind U100-432US (Synaptics touchpad, Intel Wifi Link 1000, Bison webcam rev.03), Ubuntu 10.10
    System76 Ratel Ultra (Core i5-650, 4GB DDR3, 1.5 TB HDD)

  3. #3
    Join Date
    Feb 2010
    Beans
    166
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: setuid bit doesn't do the trick!!!

    Yes, it does work.
    Code:
    tom@eipe-john:/home/eipe/share$ ls -l | grep list.sh
    -rwxr-xr-- 1 eipe dev     3 2010-12-12 18:35 list.sh
    After changing the group and making it group-executable, tom is able to run the file.

    But then what is the use of setuid?
    Regards,
    John Eipe
    http://www.developers-notebook.info

  4. #4
    Join Date
    May 2009
    Location
    Colorado, USA
    Beans
    87
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: setuid bit doesn't do the trick!!!

    Setuid does what you think it does. Your issue was not with the setuid, but with the ownership and/or execute permissions. Making the script executable by all (rwxr-xr-x) would've allowed user tom to execute it with the script owned by group egroup (and tom in group dev). In that case setgid would've made tom's effective group id egroup, and setuid would make tom's effective uid eipe.

    Your issue was that tom needs to be a member of the owning group (with execute permissions set for the group), or enable execute permissions for all users.
    MSI Wind U100-432US (Synaptics touchpad, Intel Wifi Link 1000, Bison webcam rev.03), Ubuntu 10.10
    System76 Ratel Ultra (Core i5-650, 4GB DDR3, 1.5 TB HDD)

  5. #5
    Join Date
    Feb 2010
    Beans
    166
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: setuid bit doesn't do the trick!!!

    Quote:
    In that case setgid would've made tom's effective group id egroup, and setuid would make tom's effective uid eipe.
    Hmm... I'm still confused with the real and effective user ID concepts.
    Regards,
    John Eipe
    http://www.developers-notebook.info

  6. #6
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    7,699

    Re: setuid bit doesn't do the trick!!!

    I am under the impression that setuid doesn't work for scripts - only for binaries. I gather it's a security thing. I have in the past compiled small executables purely because a script with a one-line command in it won't do setuid.

  7. #7
    Join Date
    May 2009
    Location
    Colorado, USA
    Beans
    87
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: setuid bit doesn't do the trick!!!

    Edited to add:
    Cog is right. I missed that and was therefore wrong as can be! I'm sorry for misleading and causing confusion. Hopefully your confusion regarding effective and real IDs was not caused by that. Just in case not, the following was my original reply.

    Original post:
    For example, look at /usr/bin/passwd which is owned by root with setuid enabled. The passwd command alters files owned and writeable by root alone, but you as a regular user can alter those files through the passwd command.

    real: your actual user/group ids
    effective: the user/group ids you get for the duration of the process via setuid (root in the case of the passwd command)

    This wiki entry includes an example showing real vs effective user id: http://en.wikipedia.org/wiki/Setuid
    Last edited by StephenDavison; December 14th, 2010 at 09:28 PM.
    MSI Wind U100-432US (Synaptics touchpad, Intel Wifi Link 1000, Bison webcam rev.03), Ubuntu 10.10
    System76 Ratel Ultra (Core i5-650, 4GB DDR3, 1.5 TB HDD)
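
Added example (not part of any poster's reply): a simplified C model of the two separate steps the thread keeps mixing up, the execute-permission check and the set-id credential change, applied to the listings posted above. The numeric IDs, the helper names and tom's primary group being dev are assumptions; ACLs, root, nosuid mounts and directory permissions are left out.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Constructed IDs standing in for the thread's accounts and groups. */
enum { EIPE = 1000, TOM = 1001, DEV = 2000, EGROUP = 2001 };

struct cred { uid_t ruid, euid; gid_t rgid, egid; const gid_t *groups; size_t ngroups; };

static bool in_group(const struct cred *c, gid_t g) {
    if (c->egid == g) return true;
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == g) return true;
    return false;
}

/* Step 1: exactly one permission class applies: owner, else group, else other.
 * The set-id bits play no part in this decision. */
bool may_exec(const struct cred *c, mode_t mode, uid_t fuid, gid_t fgid) {
    if (c->euid == fuid) return (mode & S_IXUSR) != 0;
    if (in_group(c, fgid)) return (mode & S_IXGRP) != 0;
    return (mode & S_IXOTH) != 0;
}

/* Step 2: returns false for "Permission denied"; otherwise fills *out with
 * the new process's credentials. Real IDs never change on exec. */
bool exec_creds(const struct cred *c, mode_t mode, uid_t fuid, gid_t fgid,
                bool is_script, struct cred *out) {
    if (!may_exec(c, mode, fuid, fgid)) return false;
    *out = *c;
    if (is_script) return true;        /* Linux ignores set-id bits on #! scripts */
    if (mode & S_ISUID) out->euid = fuid;
    if ((mode & S_ISGID) && (mode & S_IXGRP)) out->egid = fgid;
    return true;
}

struct cred tom_cred(void) {           /* tom: member of dev only (assumed) */
    static const gid_t groups[] = { DEV };
    struct cred c = { TOM, TOM, DEV, DEV, groups, 1 };
    return c;
}

int main(void) {
    struct cred tom = tom_cred(), out;
    bool ok = exec_creds(&tom, 06754, EIPE, EGROUP, true, &out);
    printf("-rwsr-sr-- eipe:egroup run by tom: %s\n", ok ? "runs" : "Permission denied");
    return 0;
}
```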
