Solved

setuid and setting date

Posted on 1998-11-13
2
213 Views
Last Modified: 2012-05-04
If I create a program owned by root and set the mode to 4755, does it run as root?

If this program issues a system call to change the date will it work?

Basically I want a user to be able to change the system's date and time without using root's password.
0
Comment
Question by:mag062397
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Accepted Solution

by:
Wimmeke earned 50 total points
ID: 7546297
Hi mag!

You posted this question in 1998 and noone answered it. I'm not a linux guru, far from, but I just can't resist giving this question a try with my (very) basic knowledge of setuid. Even if it only was to imagine your amazed face if you receive an email about this one :-)

As far as I know, if a file is setuid and the owner is root, then the setuid will also be root. This means it will have the same priveliges as root has. This includes changing the systems date and time.

This is what I learned in theory. However, I wouldn't be Wimmeke if I didn't try this out. I tested this on /usr/bin/slocate owned by root and set the setuid with chmod 4777 (Was 777). When I ran slocate it ran as the other user instead of as root though :-D

So back to theory ... I will make this a quest to get your question answered after 4 years :-)

PS: Aren't you a linux guru now? With all those extra years of experience? If so, maybe you can help me out with my quest yourself :-)

Ciao

Wimmeke
0
 

Author Comment

by:mag062397
ID: 7547264
Wow - 4 years.  I completely forgot about this.  

Well, I just picked my brain for about 10 minutes trying to remember why I asked such a seemingly simple question and I now remember.  I should have used the words "hardware clock" instead of "system" date and time.  

Yes, you are correct a simple chmod 4755 works on the /bin/date command; although, I'm not sure it if worked in Redhat's version 4.x (back in 1998).

I justed looked over my notes on this and I realized that I found the source code to the hwclock program and modified it so that it didn't do a uid (user id) check.

The hwclock.c file checks the UID to see if it is 0 (root's UID).  If not it exits with an error.

So, I believe I asked this question before I modified the hwclock.c program and before I fully understood what the exact problem was.

You are correct, however, setting the suid bit will allow you to set the system's date and time; however, it won't be remembered on a reboot unless you also set the hardward clock.  A setuid doesn't work on the hwclock program because it looks at the user's real id.

Well, it'll be good to but this question to bed.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question