topic Re: SetUID behavior in Operating System - HP-UX

SetUID behavior

Marie-Josee Cormier — Tue, 20 Mar 2007 14:37:58 GMT

Is this normal behavior?
We have the SetUID on a file, so we want users to run it, to run it as ftpuser.

Like you can see, runing the whoami command shows it works, displaying ftpuser.

Here's a few tests commands..

[root@ACME /home/test/] ls -Fla test.sh
-rwsr-xr-x 1 ftpuser sys 49 Mar 20 16:24 test.sh*

[root@ACME /home/test/] cat ./test.sh
#!/usr/bin/sh
cd /userdisk/prod/msweb
pwd
whoami

[root@ACME /home/test/] ./test.sh
./test.sh[2]: /userdisk/prod/msweb: Permission denied.
/home/test
ftpuser

[root@HPUNIXA /home/test/] su ftpuser
[u@h /home/test/] cd /userdisk/prod/msweb
[u@h /userdisk/prod/msweb/]

[u@h /userdisk/prod/msweb/] id ftpuser
uid=xxx(ftpuser) gid=xxx(dti)

[root@ACME /userdisk/prod/] ls -Fla | grep msweb
drwxrws--- 3 appsfcpa dti 96 Jul 28 2005 msweb/

Is this normal behavior?

Hope this is not too much confusing..

Thanks!

Re: SetUID behavior

A. Clay Stephenson — Tue, 20 Mar 2007 15:03:33 GMT

This is a little hard to follow but /userdisk/prod/msweb does not have search permission for user ftpuser. Although the group permission allow group dti, you have only done a setuid not a setgid. Set both the setuid and setgid bits on your script.

I must say that setuid scripts are something that should really, really be avoided because they are a security hole you can drive a truck through. This is the sort of thing that is much better done with sudo or at least a setuid C program. I don't allow setuid scripts on any of my boxes and on those OS versions where setuid scripts can be disabled in the kernel, I disable them.

Re: SetUID behavior

Ivan Krastev — Tue, 20 Mar 2007 15:08:13 GMT

Sript have owner ftpuser and group sys, but folder is with appsfcpa.dti. When you switch to user ftp your group is changed to dti and all is ok.

Try to change group ownership of script to dti.

regards,
ivan

Re: SetUID behavior

Marie-Josee Cormier — Wed, 21 Mar 2007 07:01:42 GMT

Ok, sorry for the unclear post.

I though than when a script was executed with a SetUID, you were inheriting is group security as well.

Maybe I should explain what we wanted to do. We often need to transfer files to different ftp sites. We wanted those ftp sites access(user and pass) to remain secret even to user who executed those scripts.

So we created a .netrc file on our ftpuser user, wich contains a database of ftp sites, users and pass.

So when executing the putftp script, it was run as this ftpuser.

Sounds more complex than it is, i'm just not good at puting idea on text! : )

Anyway, thanks for your help, i'll look for another way.

Thanks

Re: SetUID behavior

Marie-Josee Cormier — Wed, 21 Mar 2007 07:17:51 GMT

Ok, I now understands SetUID better. It runs as the owner of the script, but the group security is still the executer of the script.

Thanks