A running process fails to switch its own owner
Source: Internet. Published: 2017-02-20
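For example: a process is started by user A. While it is running, can it switch itself to user B?
I tried setuid and found that it always fails. The file permissions used for the test are set as follows: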
-rwxr-xr-x 1 nmsuser root 10300 Apr 26 15:32 a.out
-rwx------ 1 ftpuser root 12 Apr 26 11:13 testfile.txt
The test code is as follows; I log in to the system as nmsuser and run a.out:
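    #include <errno.h>
    #include <pwd.h>
    #include <stdio.h>
    #include <sys/types.h>
    #include <unistd.h>

    int main(int argc, char **argv)
    {
        struct passwd *pw;

        /* Look up the target account */
        pw = getpwnam("ftpuser");
        if (pw == NULL)
        {
            printf("getpwnam(ftpuser) failed\n");
            return 1;
        }
        printf("\n\n\n");
        printf("getpwnam(ftpuser):\n");
        printf("name = %s\nuid = %d\ngid = %d\nhome = %s\nshell = %s\n",
               pw->pw_name, (int)pw->pw_uid, (int)pw->pw_gid, pw->pw_dir, pw->pw_shell);

        /* Attempt the switch; the return value and errno show why it fails */
        int err = setuid(pw->pw_uid);
        printf("new UID: %d\n", (int)getuid());
        printf("errcode: %d\n", err);
        printf("errno: %d\n", errno);
        char errmsg[1024] = {0};
        perror(errmsg);
        printf("%s\n", errmsg);

        /* Readable only by ftpuser, so this fails if the switch failed */
        FILE* pFile = fopen("testfile.txt", "r");
        if (NULL == pFile)
        {
            printf("Open File Fail!\n");
            return 0;
        }
        char buf[1024] = {0};
        /* Read at most sizeof(buf) - 1 bytes so buf stays NUL-terminated */
        size_t bytes_read = fread(buf, 1, sizeof(buf) - 1, pFile);
        (void)bytes_read;
        printf("%s\n", buf);
        fclose(pFile);
        return 0;
    }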
The erroneous output is as follows:
getpwnam(ftpuser):
name = ftpuser
uid = 110
gid = 0
home = /opt/backup/ftpboot
shell = /bin/bash
new UID: 111
errcode: -1
errno: 1
Not owner
Open File Fail!
|
chown nmsuser:users a.out
chown ftpuser:users testfile.txt
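Using setreuid works fine.
The man page for setuid states: "If the effective UID of the caller is root, the real UID and saved set-user-ID are also set." (For this function to take effect, its user ID must be 0.) It does not say anything about the GID.
So it depends on how you design it.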
|
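Try changing setuid to setreuid.
For setuid() to take effect, the current process must be root, uid=0.
But your program is strange: the user with uid=110 somehow has the same privileges as root, yet is not root.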
uid = 110
gid = 0
|
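There is no such feature. You must either run as root or give the program the s permission; otherwise it is impossible to directly become another uid.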
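
The rule behind the "errno: 1" in the question, as an added example that is not part of the original thread: it models the POSIX permission check for setuid() and then tries the call in a forked child so the caller's own IDs stay untouched. The function names `setuid_permitted` and `try_setuid_in_child` are hypothetical, the target UID is constructed, and `euid == 0` is used as a stand-in for "privileged".

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* POSIX rule: an unprivileged caller may only setuid() to its real UID or
 * its saved set-user-ID. Assumption: euid == 0 stands in for "privileged"
 * (on Linux the actual test is the CAP_SETUID capability). */
int setuid_permitted(uid_t euid, uid_t ruid, uid_t suid, uid_t target)
{
    return euid == 0 || target == ruid || target == suid;
}

/* Try setuid(target) in a forked child so the caller keeps its own IDs.
 * Returns 0 on success, the child's errno on failure, -1 if fork/wait broke. */
int try_setuid_in_child(uid_t target)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (setuid(target) != 0)
            _exit(errno & 0xff);   /* EPERM is 1, the "errno: 1" in the post */
        /* Confirm the switch really happened before trusting it. */
        _exit(getuid() == target && geteuid() == target ? 0 : 255);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    uid_t ruid = getuid(), euid = geteuid();
    uid_t suid = euid;      /* after exec the saved set-user-ID equals the euid */
    uid_t other = ruid + 1; /* constructed target: any UID that is not ours */

    printf("ruid=%d euid=%d\n", (int)ruid, (int)euid);
    printf("setuid(%d): predicted %s, child errno %d\n", (int)other,
           setuid_permitted(euid, ruid, suid, other) ? "allowed" : "EPERM",
           try_setuid_in_child(other));
    return 0;
}
```

A setuid binary owned by the target user starts with that user's ID as its saved set-user-ID, which is the third case the predicate accepts.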