Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

setuid and setting date

Posted on 1998-11-13
2
Medium Priority
?
217 Views
Last Modified: 2012-05-04
If I create a program owned by root and set the mode to 4755, does it run as root?

If this program issues a system call to change the date will it work?

Basically I want a user to be able to change the system's date and time without using root's password.
0
Comment
Question by:mag062397
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
Wimmeke earned 200 total points
ID: 7546297
Hi mag!

You posted this question in 1998 and noone answered it. I'm not a linux guru, far from, but I just can't resist giving this question a try with my (very) basic knowledge of setuid. Even if it only was to imagine your amazed face if you receive an email about this one :-)

As far as I know, if a file is setuid and the owner is root, then the setuid will also be root. This means it will have the same priveliges as root has. This includes changing the systems date and time.

This is what I learned in theory. However, I wouldn't be Wimmeke if I didn't try this out. I tested this on /usr/bin/slocate owned by root and set the setuid with chmod 4777 (Was 777). When I ran slocate it ran as the other user instead of as root though :-D

So back to theory ... I will make this a quest to get your question answered after 4 years :-)

PS: Aren't you a linux guru now? With all those extra years of experience? If so, maybe you can help me out with my quest yourself :-)

Ciao

Wimmeke
0
 

Author Comment

by:mag062397
ID: 7547264
Wow - 4 years.  I completely forgot about this.  

Well, I just picked my brain for about 10 minutes trying to remember why I asked such a seemingly simple question and I now remember.  I should have used the words "hardware clock" instead of "system" date and time.  

Yes, you are correct a simple chmod 4755 works on the /bin/date command; although, I'm not sure it if worked in Redhat's version 4.x (back in 1998).

I justed looked over my notes on this and I realized that I found the source code to the hwclock program and modified it so that it didn't do a uid (user id) check.

The hwclock.c file checks the UID to see if it is 0 (root's UID).  If not it exits with an error.

So, I believe I asked this question before I modified the hwclock.c program and before I fully understood what the exact problem was.

You are correct, however, setting the suid bit will allow you to set the system's date and time; however, it won't be remembered on a reboot unless you also set the hardward clock.  A setuid doesn't work on the hwclock program because it looks at the user's real id.

Well, it'll be good to but this question to bed.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question