
suid-sgid script for hp-ux

SOLVED
AL_3001
Regular Advisor

Hi,

We have proposed implementing the SUID and SGID bit to reduce the risk of acquiring root rights through the exploitation of programs run under the superuser.

Can you explain to me the importance of the SUID and SGID bits and provide me with a script to perform the checks on HP-UX?

Thank You.

Regards,
AL
4 REPLIES
SoorajCleris
Honored Contributor
Solution

Re: suid-sgid script for hp-ux

There are three types of special file attributes: set user ID (SETUID), set group ID (SETGID), and sticky bit. In the general case, if a user executes a file owned by someone else, the process created in memory is owned by the user who executes the file. In the case of SETUID, the process created is owned by the owner of the file. A similar rule is applicable in the case of the SETGID bit. The sticky bit is used to protect files in that directory.

SETUID and SETGID
We use the chmod command to set these special permissions to a file. If you are using a symbolic method, use u+s for setting SETUID and g+s for setting SETGID. In case you use octal numbers, add a fourth octal digit on the left-hand side of the file permissions. Digit 4 represents SETUID and 2 represents SETGID. Examples of symbolic and octal number use are given below.
$ ll file1
-rwxrwxrwx 1 boota users 0 Sep 8 18:06 file1
$ chmod u+s file1
$ ll file1
-rwsrwxrwx 1 boota users 0 Sep 8 18:06 file1
$ chmod 2777 file1
$ ll file1
-rwxrwsrwx 1 boota users 0 Sep 8 18:06 file1
$
As you can see, "x" is replaced by "s" in the file permission representation with either SUID or SGID.
The SUID bit plays an important role when you want to execute a program with higher privileges. For example, when you change your password, you modify the /etc/passwd file. Only root has permission to modify this file, so how can every system user modify it? This becomes possible because the command you use for a password change (/bin/passwd) is owned by root and has the SETUID bit set. So whenever any user executes this command, the command runs as root and has the privilege to modify the /etc/passwd file.
This also causes a great security problem. For example, if you have a program with the SUID bit set, anybody executing that program gets the privileges of the owner of the program during the execution of that program. Now, if by chance you also allow write permission to that program file, someone can change the contents of the program and execute it with the owner privilege. Just imagine if someone has write permission to a file owned by root and the SETUID bit is in place, the user can change its contents with some other command to damage the whole file system!
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
Roopesh Francis_1
Trusted Contributor

Re: suid-sgid script for hp-ux

Jean-Luc Oudart
Honored Contributor

Re: suid-sgid script for hp-ux

AL

Did you check whether sudo could do the job for you?

Use the find command to get the list of programs with the set user/group ID bit.

Regards
Jean-Luc

fiat lux
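As an added example, not code posted by anyone in this thread: the find-based inventory Jean-Luc suggests, extended into the check the original question asked for. It uses only POSIX find, sort and comm options (no GNU `-perm /mode`), so it runs under HP-UX /usr/bin/sh as well as Linux. Besides listing every set-id file, it flags the combination the accepted answer warns about (a set-id file that is also group- or world-writable) and compares the current inventory against a saved baseline so a newly appeared set-id binary stands out. The directory tree and file names (`bin/passwd`, `bin/ping`, `bin/rogue`, and so on) are constructed in a temporary directory purely for demonstration; on a real host you would run `audit_setid /` as root and keep the baseline file somewhere the scanned users cannot write.

```shell
#!/bin/sh
# Added example for the SUID/SGID audit discussed in this thread.
# Portable to HP-UX sh: POSIX find/sort/comm only, no GNU extensions.

# List regular files with the SUID or SGID bit set under $1, sorted.
# "-perm -4000" means "all of these bits set", so OR'ing the two tests
# matches either bit. -type f skips directories, where SGID only means
# "new files inherit the directory's group".
audit_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# Set-id files that are also group- or world-writable. Anyone who can
# write such a file can replace its contents and run them as the owner.
audit_setid_writable() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) \
        \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null | sort
}

# Number of set-id files, with wc's padding stripped to a bare integer.
count_setid() {
    audit_setid "$1" | wc -l | tr -d ' '
}

# Paths that are set-id now but absent from a baseline file written by an
# earlier run ("audit_setid /" > baseline). Both inputs are sorted by
# audit_setid, which comm requires. Output = candidates for a planted or
# freshly installed privileged binary.
new_setid_since() {
    audit_setid "$1" | comm -13 "$2" -
}

# Constructed fixture standing in for a system root; $1 keeps separate
# runs in the same process from sharing a directory.
make_fixture() {
    d="${TMPDIR:-/tmp}/setid_demo.$$.$1"
    mkdir -p "$d/bin" "$d/sbin"
    for f in bin/passwd bin/ping sbin/plain; do
        : > "$d/$f"
    done
    chmod 4755 "$d/bin/passwd"   # SUID, not writable by others (the normal case)
    chmod 2755 "$d/bin/ping"     # SGID only
    chmod 0755 "$d/sbin/plain"   # ordinary executable
    echo "$d"
}

# Simulate the failure mode from the accepted answer: a SUID file that
# is world-writable. Returns its path.
plant_writable_suid() {
    : > "$1/bin/rogue"
    chmod 4777 "$1/bin/rogue"
    echo "$1/bin/rogue"
}

# Stand-alone run: build the tree, take a baseline, plant the rogue file,
# and report what the three checks see afterwards.
demo() {
    root=$(make_fixture demo)
    base="$root.baseline"
    audit_setid "$root" > "$base"
    plant_writable_suid "$root" > /dev/null
    echo "set-id files now:";        audit_setid "$root"
    echo "writable set-id files:";   audit_setid_writable "$root"
    echo "new since baseline:";      new_setid_since "$root" "$base"
    rm -rf "$root" "$base"
}
demo
```

Two practical notes. The baseline comparison only works if the baseline is taken on a known-good system and stored where it cannot be altered by the users being audited; otherwise an attacker who plants a set-id binary can simply add it to the baseline. And a mount with the `nosuid` option ignores these bits at exec time, so a set-id file on such a filesystem shows up in the inventory but is not actually a privilege boundary; the audit should be read alongside the mount table.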