ping
needs root so it can open a socket in raw mode. That's literally the first thing it does when it starts up:
icmp_sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
socket_errno = errno;
That's the only thing it needs root for, so like many programs, it immediately drops its privilege level back to your normal user account:
uid = getuid();
if (setuid(uid)) {
perror("ping: setuid");
exit(-1);
}
You might know the normal read, write and execute permissions for files in unix.
However, in many applications, this type of permission structure--e.g. giving a given user either full permission to read a given file, or no permission at all to read the file--is too coarse. For this reason, Unix includes another permission bit, the set-user-ID
bit. If this bit is set for an executable file, then whenever a user other than the owner executes the file, that user acquires all the file read/write/execute privileges of the owner in accessing any of the owner's other files!
To set the set-user-ID bit for a file, type
chmod u+s filename
Make sure that you have set group-other execute permission too; it would be nice to have group-other read permission as well. All of this can be done with the single statement
chmod 4755 filename
It is also referred to as Saved UID. A file that is launched that has a Set-UID bit on, the saved UID will be the UID of the owner of the file. Otherwise, saved UID will be the Real UID.
What is effective uid ?
This UID is used to evaluate privileges of the process to perform a particular action. EUID can be changed either to Real UID, or Superuser UID if EUID!=0. If EUID=0, it can be changed to anything.
Example
An example of such program is passwd
. If you list it in full, you will see that it has Set-UID bit and the owner is "root". When a normal user, say "mtk", runs passwd
, it starts with:
Real-UID = mtk
Effective-UID = mtk
Saved-UID = root
Reference link 1
Reference link 2
Best Answer
You can't change other passwords because the program won't allow you to. The program has system permissions to change any password it wants, because it is running as
root
, but the program has been specifically designed not to give the user any way to get it to use those permissions.It is not quite that the user becomes root temporarily, it is that the trusted program runs with root permissions. Obviously, only programs that are specifically designed to limit users to doing only what they should be permitted to do can safely be made setuid.