Solved

What is sticky bit ??

Posted on 2001-07-26
10
Last Modified: 2012-06-27
What are the main differences between sticky bit and set user id (group id)
which is done using
chmod u+s
chmod g+s
chmod u+t

I was trying to set the following priv for /usr/bin/sh in my local home
-rwsr-sr-t   /home/rajiv/sh
This way while I run this script (i.e. sh) I should be having the root's priv.
Pl explain in detail
And how can i achieve this on Unixware 7.1.1
thanks in advance
0
Question by:rajiv_indya
10 Comments
 
LVL 5

Expert Comment

by:paulqna
ID: 6322461
The t means only the OWNER will have sufficient privileges to delete the file.

Just the first chmod u+s will do the trick; the t will normally only be set on the /tmp directory.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6324527
Some clarification...

+t _on_a_directory_ means that only the owner of a file can delete it.  It essentially has no meaning any longer on regular files (it used to be a hint to the memory swapping system, but very few systems use swapping any more, as opposed to demand-paging).

Meanwhile, u+s/g+s implies that the program will run with the id of the file's owner (group).  If you want something to run as root, you have to chown it to be owned by root and then set u+s.
0
 

Author Comment

by:rajiv_indya
ID: 6332889
I was trying to set the following priv for /usr/bin/sh in my local home
-rwsr-sr-t   /home/rajiv/sh
This way while I run this script (i.e. sh) I should be having the root's priv.
but it is not so ..
Why ????
sh should be run with root owner

Also documentation says that 1st line of shell script which is being executed should be
"#! /bin/sh"
Is it not true with binary files...???
0
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 10 total points
ID: 6334438
There are four problems with this:
1.  This only works if the file is owned by root:sys (or whatever group you want to sgid to).
2.  This is a very bad idea from a security standpoint, as it allows anyone who can break into your account (sniff your password on the net through telnet or XDM, take advantage of bugs in cron or mail, etc) to become root trivially.
3.  The +t doesn't do anything useful.
4.  Most versions of sh have code that doesn't allow suid/sgid to prevent you from doing what you're trying to do.
0
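As an added illustration (not part of the thread), the Python below decodes the mode from the question, `-rwsr-sr-t`, and models the standard exec rule the answers describe: u+s/g+s hand out the file owner's and group's ids, so a copy owned by an ordinary user never yields root. The uid/gid values and function names are constructed for the example.

```python
import os
import stat

def effective_ids(mode, owner_uid, owner_gid, caller_uid, caller_gid):
    """Return the (euid, egid) a binary with this mode starts with on exec.

    Models only the permission bits; a nosuid mount or a shell that resets
    its own ids (point 4 above) can still take the privilege away.
    """
    is_file = stat.S_ISREG(mode)
    euid = owner_uid if is_file and mode & stat.S_ISUID else caller_uid
    egid = owner_gid if is_file and mode & stat.S_ISGID else caller_gid
    return euid, egid

def describe(mode, owner_uid, owner_gid):
    """List what each special bit means for this file or directory."""
    notes = []
    if stat.S_ISREG(mode) and mode & stat.S_ISUID:
        who = "root" if owner_uid == 0 else f"uid {owner_uid} (not root)"
        notes.append(f"u+s: runs with the owner's id, {who}")
    if stat.S_ISREG(mode) and mode & stat.S_ISGID:
        notes.append(f"g+s: runs with group id {owner_gid}")
    if mode & stat.S_ISVTX:
        if stat.S_ISDIR(mode):
            notes.append("+t: only a file's owner may delete it here")
        else:
            notes.append("+t: no effect on a regular file")
    return notes

def audit(path):
    """Describe a real path from its lstat() result."""
    st = os.lstat(path)
    return stat.filemode(st.st_mode), describe(st.st_mode, st.st_uid, st.st_gid)

# Constructed sample: a copy of sh in a home directory, mode 7755.
COPY_MODE = stat.S_IFREG | 0o7755
USER_UID, USER_GID = 1001, 100  # constructed ids for an ordinary user

if __name__ == "__main__":
    print(stat.filemode(COPY_MODE))
    for note in describe(COPY_MODE, USER_UID, USER_GID):
        print("  " + note)
    # Owned by the user: the caller keeps their own ids.
    print(effective_ids(COPY_MODE, USER_UID, USER_GID, USER_UID, USER_GID))
    # Owned by root (only root can arrange this): caller gets euid 0.
    print(effective_ids(COPY_MODE, 0, 3, USER_UID, USER_GID))
```

Calling `audit()` on each path returned by a filesystem walk gives a quick review of which set-id files on a host are actually owned by root.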
 

Expert Comment

by:gmancuso
ID: 6342017
Right on chris_calabrese

rajiv_indya, perhaps you could tell us what you're trying to do, and we can give some ideas about a better way to do it?

To clear up some points:
#!/bin/sh tells the shell to go find /bin/sh and use it to interpret the file.  (I'm fairly sure it will use the file (not /bin/sh) to determine what permissions to use.)  #!/usr/local/bin/superinterpreter indicates that /usr/local/bin/superinterpreter will be handling the file.  

If all you're wanting to do is have a suid script, change the _script_, not its interpreter, to be suid.  (remember to keep suid scripts under tight control.. )

Hope that helps.. send more info, we'll send better answers :)

-Gus
0
 
LVL 9

Expert Comment

by:PeterMac
ID: 6413531
rajiv

Fully in accord with previous answers, the one thing they haven't mentioned is that you would have to have root permissions already to achieve what you seem to be trying to do. The only way you can set "s" bits on a file owned by root is to be root, and the file must be owned by root before you set the bits.

0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 6799360
Lucky that EE no longer autogrades, huh?
As I see it, Chris deserves the points more than PeterMac, no? I mean Peter, yours is a comment if I ever saw a comment ;-)

Michel
0
 
LVL 9

Expert Comment

by:PeterMac
ID: 6799564
to mplungian

No problem at all with that, I just figured question had been answered, and not too happy about discussing unix security bypasses with someone at the level of question proposer. A simple statement of facts is OK, but suggestions on other methods of achieving what he was trying to do are out in my book.

Wasn't aware EE ever did autograde, and there had been no comment for three weeks. It was also my first day logged into EE, and hadn't quite figured out the system.
0
 
LVL 20

Expert Comment

by:tfewster
ID: 7621362
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
- Answered by chris_calabrese

Please leave any comments here before 13/1/2003

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster (I don't work here, I'm just an Expert :-)
0
 

Expert Comment

by:SpideyMod
ID: 7805230
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0
