alice
and bob
both belong to the staff
group.
I've got the following folder:
drwxrwxr-x 2 alice staff 4096 Oct 30 14:45 share
with the following files inside the folder:
-rwsr-xr-x 1 alice alice 8768 Oct 30 14:45 display-foo
-rw------- 1 alice alice 24 Oct 30 14:45 foo.txt
display-foo
is a binary file that essentially displays the contents of foo.txt
using the cat
command.
When alice
runs ./display-foo
, the binary file executes successfully and the contents of foo.txt
are displayed. However, when bob
runs ./display-foo
, the binary file executes successfully but the contents of the foo.txt
are not displayed, yielding the error /bin/cat: /home/alice/share/foo.txt: Permission denied
.
From my understanding, setting the setuid bit allows the binary executable to be executed with the privileges of the file's owner (in this case, alice
). Why, then, was bob
not allowed to view the contents of foo.txt
?
ADDENDUM: I have recompiled my binary file with the geteuid()
function so that it prints out the effective user ID (EUID). Indeed, when bob
executes the binary file, the EUID is that of alice
. Yet, permission is denied. Here's a snippet of the source code:
printf("%d", geteuid());
system("/bin/cat /home/alice/share/foo.txt");
Best Answer
I read through the manual page for the
system
function and came across the following passage which offers an explanation:Here are some other StackExchange posts that I read through on my way to that passage:
For posterity, and because the given example might be useful for diagnosing this or similar issues in other contexts, I've kept my original below.
Is it possible that you're running into a bug? I was unable to reproduce your problem in a Docker container running Debian 9 with gcc 6.3. Here is how I went about trying to recreate the scenario described in your post.
First create the "alice" and "bob" users and them to the "staff" group:
Next create the file and set its ownership and permissions:
Let's check the results:
Now let's create a version of
display-foo
which uses thesystem
function:And let's set ownership and permissions on
display-foo
, including setting the setuid bit:Let's also check the result:
Now we run the program both as
alice
and asbob
:As you can see, it looks like everything is working as expected.