Andrew Benton wrote:

> Dan McGhee wrote:
>
>> In getting to this point in Linux, I've read many times something to the effect, "This needs to be setuid root." And that this means that the "sticky bit" is set. Beyond that I can't find anything. What does "setuid" really mean? What exactly does it do? What does it cause? What does it prevent?
>>
>> Would someone please point me in the direction of some good documentation on the subject or present their ideas here?
>
> Read man setuid

Thanks, Andrew. But I asked for "good" documentation <G>. Sorry, I had to say that.

I did read that and "seteuid," "geteuid," "setreuid," and "setresuid." All of these deal with reading and setting the REAL uid, EFFECTIVE uid and SAVED uid of a process. I'm guessing here, please let me know how close I am, that these values are passed to a process by a parent process. I don't know how they are related. The books I have here at home "Linux Power Tools" and "Unix Power Tools" both stop at saying that a parent forks or spawns a child process and passes the parent environment to the child. Any changes in the child's environment will not affect the parent.

Let me digress for a second. In the discussion of SUID and GUID, "Linux Power Tools," p. 105, says, "...when you run a program, that program runs with the permissions of the user who launched the program. With the SUID...bit set, though, the program runs with the permissions associated with the program file's owner.... This feature is used by a handful of key system programs to enable users to do things that they otherwise wouldn't be able to do, such as access a CD-R drive's device files."

From reading the man pages, I'm guessing again, that 'setuid' is somehow in the environment and it reads (?) the fact that SUID is set. My real world and recent experience was that I could not 'su' to root from my own account until I ran 'chmod u+s su.' So this tells me that NOBODY could invoke 'su' UNLESS SUID was set. I don't understand how this fits together.

Do I have incomplete knowledge, a misconception or an almost complete non-understanding of how setuid and SUID fit together?

Thanks again,

Dan
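
An added illustration, not part of the original thread: a small C program that inspects the mode bits of an executable and shows how the set-user-ID bit on the file relates to the real and effective UID of the process that runs it. The helper names and the default path `/bin/su` are assumptions for this example, and `euid_after_exec` is a simplified model that ignores `nosuid` mounts and interpreted scripts, where the bit is not honoured.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#ifndef S_ISVTX
#define S_ISVTX 01000 /* sticky bit, in case the headers hide it */
#endif

/* Set-user-ID bit: octal 4000, shown as "s" in the owner execute slot by ls -l. */
int is_setuid(mode_t mode) { return (mode & S_ISUID) != 0; }

/* Sticky bit: octal 1000, shown as "t" by ls -l. It is a separate mode bit. */
int is_sticky(mode_t mode) { return (mode & S_ISVTX) != 0; }

/*
 * Simplified model (an assumption of this example) of what execve() does:
 * if the file carries the set-user-ID bit, the new program's effective UID
 * becomes the file owner's UID; otherwise it stays the caller's. The real
 * UID is not changed by exec in either case.
 */
uid_t euid_after_exec(uid_t caller_euid, uid_t file_owner, mode_t file_mode)
{
    return is_setuid(file_mode) ? file_owner : caller_euid;
}

int main(int argc, char **argv)
{
    const char *path = (argc > 1) ? argv[1] : "/bin/su"; /* assumed location */
    struct stat st;

    printf("this process: real uid=%ld effective uid=%ld\n",
           (long)getuid(), (long)geteuid());
    if (stat(path, &st) != 0) {
        perror(path);
        return 1;
    }
    printf("%s: mode=%04o owner uid=%ld setuid=%d sticky=%d\n", path,
           (unsigned)(st.st_mode & 07777), (long)st.st_uid,
           is_setuid(st.st_mode), is_sticky(st.st_mode));
    printf("effective uid after exec by this user: %ld\n",
           (long)euid_after_exec(geteuid(), st.st_uid, st.st_mode));
    return 0;
}
```

Run it against a path of your choice, for example `./a.out /bin/su` and then an ordinary binary, and compare the predicted effective UID.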


-- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
