?
Solved

setuid and setting date

Posted on 1998-11-13
2
Medium Priority
?
214 Views
Last Modified: 2012-05-04
If I create a program owned by root and set the mode to 4755, does it run as root?

If this program issues a system call to change the date will it work?

Basically I want a user to be able to change the system's date and time without using root's password.
0
Comment
Question by:mag062397
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
Wimmeke earned 200 total points
ID: 7546297
Hi mag!

You posted this question in 1998 and noone answered it. I'm not a linux guru, far from, but I just can't resist giving this question a try with my (very) basic knowledge of setuid. Even if it only was to imagine your amazed face if you receive an email about this one :-)

As far as I know, if a file is setuid and the owner is root, then the setuid will also be root. This means it will have the same priveliges as root has. This includes changing the systems date and time.

This is what I learned in theory. However, I wouldn't be Wimmeke if I didn't try this out. I tested this on /usr/bin/slocate owned by root and set the setuid with chmod 4777 (Was 777). When I ran slocate it ran as the other user instead of as root though :-D

So back to theory ... I will make this a quest to get your question answered after 4 years :-)

PS: Aren't you a linux guru now? With all those extra years of experience? If so, maybe you can help me out with my quest yourself :-)

Ciao

Wimmeke
0
 

Author Comment

by:mag062397
ID: 7547264
Wow - 4 years.  I completely forgot about this.  

Well, I just picked my brain for about 10 minutes trying to remember why I asked such a seemingly simple question and I now remember.  I should have used the words "hardware clock" instead of "system" date and time.  

Yes, you are correct a simple chmod 4755 works on the /bin/date command; although, I'm not sure it if worked in Redhat's version 4.x (back in 1998).

I justed looked over my notes on this and I realized that I found the source code to the hwclock program and modified it so that it didn't do a uid (user id) check.

The hwclock.c file checks the UID to see if it is 0 (root's UID).  If not it exits with an error.

So, I believe I asked this question before I modified the hwclock.c program and before I fully understood what the exact problem was.

You are correct, however, setting the suid bit will allow you to set the system's date and time; however, it won't be remembered on a reboot unless you also set the hardward clock.  A setuid doesn't work on the hwclock program because it looks at the user's real id.

Well, it'll be good to but this question to bed.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question