- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: set UID
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 07:31 AM
тАО12-03-2009 07:31 AM
set UID
I am new to HPUX.
while practiceing set UID in test server have some issue.
===================================
I am logged in as a root user.
# cat p1
sleep 20
# ll p1
-r-sr-xr-x 1 root sys 9 Dec 3 10:24 p1
===================================
Now I am executing p1 as a normal user "usr1", I found that the child process has owner as "user1" but should be "root"
$ sh p1 &
$ ps -ef| grep sleep
user1 11500 11499 0 10:05:52 pts/5 0:00 sleep 20
====================================
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 07:40 AM
тАО12-03-2009 07:40 AM
Re: set UID
"Set-UID" scripts are potentially dangerous. Current HP-UX kernels can control whether or not shell scripts are allowed to run "setuid".
This is controlled by the kernel parameter 'secure_sid_scripts':
http://docs.hp.com/en/B2355-60130/secure_sid_scripts.5.html
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 09:21 AM
тАО12-03-2009 09:21 AM
Re: set UID
Thanks for your reply. I checked the value of the said parameter, it was 1 & I have changed it to 0. still output remains same...
===============================
# kctune | grep -i secure
secure_sid_scripts 0 0 Immed
===============================
$ ll p1
-r-sr-xr-x 1 root sys 9 Dec 3 10:24 p1
$ cat p1
sleep 20
$ sh p1 &
[1] 12198
$ ps -ef| grep sleep
piyush 12199 12198 1 12:19:06 pts/3 0:00 sleep 20
===============================
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 09:42 AM
тАО12-03-2009 09:42 AM
Re: set UID
Add an 'id' command call before your 'sleep' to display the _effective_ userid of the process:
# cat p1
id
sleep 20
# chmod 4555 p1
Too, there is no reason to do:
# sh p1
Instead, skip the extra shell and do:
# ./p1
Regards!
...JRF...
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 10:22 AM
тАО12-03-2009 10:22 AM
Re: set UID
This is the output...
============================
$ cat p1
id
sleep 20
$ ./p1
uid=107(user1) gid=1001(b)
============================
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-03-2009 10:48 AM
тАО12-03-2009 10:48 AM
Re: set UID
On a system that allows 'setuid' shell scripts, your output should look something like:
$ ./p1
uid=1000(jrf) gid=20(users) euid=0(root)
Notice that this works if you don't impose another subshell by running 'sh p1'.
The fact that you don't show the effective ID field suggests something is amiss. Verify that your latest change as the 'setuid' bit set on the script; that the script is owned by 'root'.
Regards!
...JRF...