Using setuid Properly

osxsetuid

I've been scared too much by the warning about setuid. However I cannot find a way around using it.

I want to be able to run:
arp -s 198.51.100.1 00:53:00:12:34:56
as the user steven but arp -s requires root.

Would this be the correct way to do it?

sudo nano example.sh
sudo chmod u+s example.sh
sudo chmod og-w example.sh
sudo chmod o+x example.sh
./example.sh

Best Answer

Short story: don't use setuid shell scripts (or any setuid/setgid script).

Long story: Allow setuid on shell scripts

Solution: invoke the command using sudo.

sudo arp -s 198.51.100.1 00:53:00:12:34:56

To allow the user steven to run this command without entering a password, run visudo and add the following line:

steven ALL = (root) NOPASSWD: arp -s 198.51.100.1 00\:53\:00\:12\:34\:56

If you have other sudo entries for steven, the NOPASSWD: one(s) need to come last.

Related Solutions

Group memberships and setuid/setgid processes

The problem is that setuid and setgid are not sufficient to give your process all the credentials it needs. The authorizations of a process depend on

its UID
its GID
its supplementary groups
its capabilities.

See man 7 credentials to get a more detailed overview. So, in your case, the problem is that you correctly set the UID and GID, but you don't set the supplementary groups of the process. And group bar has GID 54, no 73 so it is not recognized as a group your process is in.

You should do

#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <grp.h>

int main (void) {
    gid_t supplementary_groups[] = {54};

    setgroups(1, supplementary_groups);
    setgid(73);
    setuid(73);
    int fd = open("/test.txt", O_RDONLY);
    fprintf(stderr,"%d\n", fd);
    return 0;
}

Shell Script – How to Drop Root Privileges

I use runit's chpst tool for tasks like this. For example, from the up script call your unprivileged script:

chpst -u nobody /path/to/script

Best Answer

Related Solutions

Group memberships and setuid/setgid processes

Shell Script – How to Drop Root Privileges

Related Question