setuid and setgid confusion

I’m trying to fully grasp the concept of setuid and setgid, and I’m not quite sure in what way permissions are actually elevated. Let me provide an example:

Users

userA (groups: userA groupA)
userB (groups: userB groupB GroupC)

Executable

Permission owner group  filename
-rws-----x userA groupD file
-rwsrws--x userA groupD file2

If userB executes file and file2, what group permission will the executables have? What I’m not completely sure about, is whether the executable gains user/group permissions of both the caller and the file owner, or if permissions are “replaced”.

I know this is a silly example, as setuid and setgid will normally be used to envoke “all-powerful” applications, but I hope this example will be better at actually conceptualizing how setuid and setgid works.

Asked By: jkgeyti

||

As far as I know:

  • With setuid the executable is executed as the executable’s owner and the caller’s groups. You do not have the executable’s owner’s group permissions.

  • With setgid the executable is executed as the caller. The set of groups contains the caller’s groups and the executable’s group.

(To be sure I have just tested this in Ubuntu 10.04)

Answered By: Lasse Christiansen

setuid sets the effective uid euid.
setgid set the effective gid egid.

In both cases the callers uids and gids will stay in place. So roughly you can say that you will get that uid/gid in addition to the callers uid and (active) gid.

Some programs can differentiate that very well.

If you log into a system, then su to root and then issue a who am i you will see your “old” account.

su is one of these suid-binaries, that will change the euid.

Answered By: Nils
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.