user1166981

Reputation: 1746

Can a program adopt the permissions of the user, or is it completely restricted by owner?

For example when a program is run in a *nix environment by root user, but the program owner is a non-root user, could that program carry out actions with root privileges?

Upvotes: 3

Views: 144

Answers (3)

Veger

Reputation: 37915

The permissions of an application are determined by the user that executed the program.

If it would take the permissions of the owner, the sudo command, for example, would not have any effect. Furthermore, most applications in /bin (or any other system location) are owned by the root user (so one is not able to (easily) modify them), but are still executed with the user's permissions.

Note that if a program has the setuid or setgid bit(s) set, then the application is started with respectively the user and/or group permissions. This allows regular users to perform actions that typically require root permissions without having access to the root account.

To set the setuid bit use:

chmod u+s /path/to/application

Same goes for the setgid bit, but using g+s instead of u+s.

Upvotes: 3

cnicutar

Reputation: 182684

By default the process runs with the ID and privileges of the user that starts it, not with the program owner ID. So if root starts a process from a program owned by an ordinary user, that process will run with ID=0.

As Johnsyweb mentions in the comments, if the program happens to have the setuid bit set, it will be run as the owner. That's what setuid means: set user ID. Typically this is done to allow regular users to run programs such as ping that require superuser permissions.

Note however that Linux for example has a superior mechanism in the form of "Linux Capabilities" where certain select permissions can be granted instead of full setuid.

Upvotes: 2

Olaf Dietsche

Reputation: 74078

The user starting the program determines the permissions for that run. If you want a program run with the permissions of another user, you can either use su or sudo or set the setuid bit for the program:

chown user program
chmod u+s program

This will force the permissions to be used for user, no matter who runs the program.

Upvotes: 1
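
The rule the three answers describe, as an added example that is not from any of the posters: given a file and a calling user, it prints the real and effective IDs the resulting process would get, and it lists setuid/setgid files under a directory for review. The function names are hypothetical and Linux semantics are assumed.

```sh
#!/bin/sh
# Added example (not from the answers). Linux semantics assumed.
# Caveats: setuid/setgid are ignored on interpreted (#!) scripts and on
# filesystems mounted nosuid; file capabilities are not modelled here.

# has_mode FILE MODE -> true if every bit in octal MODE is set on FILE
has_mode() { [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]; }

# predict_exec_ids FILE [CALLER_UID [CALLER_GID]]
# Prints the real and effective IDs a process would get if the caller
# executed FILE. The caller defaults to the current user.
predict_exec_ids() {
    f=$1 ruid=${2:-$(id -u)} rgid=${3:-$(id -g)}
    [ -f "$f" ] || { echo "not a regular file: $f" >&2; return 2; }
    # ls -ldn prints the numeric owner UID (field 3) and GID (field 4)
    owner_uid=$(ls -ldn -- "$f" | awk '{print $3}')
    owner_gid=$(ls -ldn -- "$f" | awk '{print $4}')
    # Default: the process keeps the IDs of whoever started it
    euid=$ruid egid=$rgid
    # setuid bit: the effective UID becomes the file owner's UID
    if has_mode "$f" 4000; then euid=$owner_uid; fi
    # setgid only takes effect together with group-execute on Linux
    if has_mode "$f" 2010; then egid=$owner_gid; fi
    echo "ruid=$ruid euid=$euid rgid=$rgid egid=$egid"
}

# audit_setid DIR -> regular files under DIR carrying setuid or setgid
audit_setid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}
```

For the case in the question, `predict_exec_ids FILE 0 0` on a file without the setuid bit reports `euid=0` whoever owns the file.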
