Solved

setuid and setting date

Posted on 1998-11-13
2
205 Views
Last Modified: 2012-05-04
If I create a program owned by root and set the mode to 4755, does it run as root?

If this program issues a system call to change the date will it work?

Basically I want a user to be able to change the system's date and time without using root's password.
0
Comment
Question by:mag062397
2 Comments
 
LVL 1

Accepted Solution

by:
Wimmeke earned 50 total points
ID: 7546297
Hi mag!

You posted this question in 1998 and noone answered it. I'm not a linux guru, far from, but I just can't resist giving this question a try with my (very) basic knowledge of setuid. Even if it only was to imagine your amazed face if you receive an email about this one :-)

As far as I know, if a file is setuid and the owner is root, then the setuid will also be root. This means it will have the same priveliges as root has. This includes changing the systems date and time.

This is what I learned in theory. However, I wouldn't be Wimmeke if I didn't try this out. I tested this on /usr/bin/slocate owned by root and set the setuid with chmod 4777 (Was 777). When I ran slocate it ran as the other user instead of as root though :-D

So back to theory ... I will make this a quest to get your question answered after 4 years :-)

PS: Aren't you a linux guru now? With all those extra years of experience? If so, maybe you can help me out with my quest yourself :-)

Ciao

Wimmeke
0
 

Author Comment

by:mag062397
ID: 7547264
Wow - 4 years.  I completely forgot about this.  

Well, I just picked my brain for about 10 minutes trying to remember why I asked such a seemingly simple question and I now remember.  I should have used the words "hardware clock" instead of "system" date and time.  

Yes, you are correct a simple chmod 4755 works on the /bin/date command; although, I'm not sure it if worked in Redhat's version 4.x (back in 1998).

I justed looked over my notes on this and I realized that I found the source code to the hwclock program and modified it so that it didn't do a uid (user id) check.

The hwclock.c file checks the UID to see if it is 0 (root's UID).  If not it exits with an error.

So, I believe I asked this question before I modified the hwclock.c program and before I fully understood what the exact problem was.

You are correct, however, setting the suid bit will allow you to set the system's date and time; however, it won't be remembered on a reboot unless you also set the hardward clock.  A setuid doesn't work on the hwclock program because it looks at the user's real id.

Well, it'll be good to but this question to bed.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now