User Tools

Site Tools


linux:setuid

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

linux:setuid [2019/01/21 11:22] (current)
seanburns created
Line 1: Line 1:
 +<​markdown>​
 +# Local Security -- SetUID
 +# Date: Wed Oct 24 2018
  
 +SetUID is generally used to allow normal users to run programs as if they were
 +administrators but without them having to become administrators.
 +
 +The book highlights how the ``ping`` command is often SetUID root. Let's
 +examine whether it's so on our virtual machines:
 +
 +```bash
 +$ which ping
 +/​usr/​bin/​ping
 +$ ls -l /​usr/​bin/​ping
 +-rwxr-xr-x. 1 root root 63224 Feb  7  2018 ping
 +$ stat /​usr/​bin/​ping
 +```
 +
 +Compare that to:
 +
 +```bash
 +$ which mount
 +/​usr/​bin/​mount
 +$ ls -l /​usr/​bin/​mount
 +-rwsr-xr-x. 1 root root 50152 Jul 16 07:56 /​usr/​bin/​mount
 +$ stat /​usr/​bin/​mount
 +```
 +
 +For the ``stat`` command, we can see that the octal mode for the ownership of
 +the file. For:
 +
 +- /​usr/​bin/​ping: ​ 0755
 +- /​usr/​bin/​mount:​ 4755
 +
 +## Task
 +
 +- Use the ``find`` command to locate any files that have SetUID set to 4000.
 +- Note the owners of those files.
 +- Note the locations of those files.
 +- What's different about files with SetUID on and files with SetGID on?
 +
 +
 +```bash
 +$ sudo find / -perm -4000 -ls
 +$ sudo find / -perm -4000 | xargs stat -c '%A %a %n'
 +```
 +
 +Question: why is ``/​usr/​bin/​ping`` highlighted when using ``ls -l``?
 +
 +Use ``getcap`` to see file capabilities. Read about ``capabilites`` in its
 +manpage.
 +
 +```bash
 +$ man getcap
 +$ getcap /​usr/​bin/​ping
 +/​usr/​bin/​ping = cap_net_admin,​cap_net_raw+p
 +$ man 7 capabilities
 +```
 +</​markdown>​
linux/setuid.txt ยท Last modified: 2019/01/21 11:22 by seanburns