Reputation: 7476
I have written a program in C that does some calculations and then creates a folder. That folder's owner is the root user. I am trying to run this C application with another user. I get this error:
mkdir: lol: Permission denied
Ok, I know this error is ok, because I don't have rights for it, but I have read on the internet that if I set the suid bit on the file, then this file will run with the owner's rights. I've used this command:
chmod +s filename
But it isn't working... :( Any ideas?
EDIT:
So, first of all, my Unix distribution is Mac OS X 10.5.8. And my filename is a.out, since I have compiled it from ic.c with the command: gcc ic.c
And I am running the chmod command with the root user.
Upvotes: 5
Views: 3557
Reputation: 11
There is an incorrect syntax. The command must look like chmod u+s filename. The wizard for chmod at http://en.clihelper.com/chmod/ can help with the syntax of chmod.
Upvotes: 1
Reputation: 46041
I think you also will need to call setuid(0); in your program to become root. Only setting the s-bit is not sufficient.
I agree with all others, that doing all these things is very risky...
Edit
Jonathan Leffler is right in the comments. setuid(0); should probably not be necessary in this case. The necessary steps for, e.g., creating a file under /etc:
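#include <stdio.h>

int main(void) {
    /* Writing under /etc succeeds only if the effective uid is root,
       i.e. the binary is owned by root and has the setuid bit set. */
    FILE *fp = fopen("/etc/so-su-test.txt", "w");
    if (fp) {
        fprintf(fp, "I'll be back\n");
        fclose(fp);
        printf("File created.\n");
    } else {
        printf("File not created.\n");
    }
    return 0;
}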
...and to test and compile
cc create_file_under_etc.c
# chown first: on Linux, chown clears the setuid bit
sudo chown root:staff a.out
sudo chmod +s a.out
./a.out
...you better clean up also
sudo rm a.out
sudo rm /etc/so-su-test.txt
Upvotes: 4
Reputation: 444
You used the command
chmod +s filename
The syntax you used to issue that command is incorrect. The correct syntax would be
chmod [ugoa]+s filename
where you can use any combination of the letters u, g, o, and a.
Unix, as you already know, stores information about permissions for each folder/file. There are permissions for read, write, execute, sticky, and more attached to each file. For a single file, there is a different set of permissions for the owner, group, and everyone else. So, while the owner of a file may be able to read, write, and execute a file, all other users in the owner's group might be able to only read that file, and everyone else might not be able to access that file at all.
When issuing the chmod command, you need to specify which set of users you are changing the permissions for. Do this by using a combination of the letters u, g, o, and a. 'u' changes permissions for the owner of the file, 'g' for all users in the owner's group, 'o' for all other users outside the owner's group, and 'a' for all three sets of users.
Examples:
chmod ga-r confidential.txt
will make it so that only the owner of the file will be able to read 'confidential.txt'. All other users, including users in the owner's group, will not be able to read 'confidential.txt'.
chmod ga-rwx really_confidential.txt
will make it so that anyone, other than the owner of that file, will not be able to read, write, or execute 'really_confidential.txt'. Put another way, you are removing the ability to read, write, or execute 'really_confidential.txt' from all users except owner.
chmod u+s filename
adds the sticky bit to 'filename', only for the owner of that file.
EDIT: Oh yeah, and since the file is owned by root, make sure to preface the command you issue with a 'sudo'. But it looks like you already know that.
Upvotes: 0
Reputation: 45105
It's not clear from your question exactly what "filename" is referring to -- the executable, or the directory you want to create files in? To do what you want, you need to use the chmod +s command on the executable, so it will run with root privileges. chmod +s on the target directory won't do anything to open up the file creation privileges to non-root users.
The whole concept strikes me as a bit of a security risk, though -- wouldn't it be better for root to create a directory somewhere just for this application, then chmod it 775 or 777 to grant write permission to "group" or "world" respectively?
Edit: I see that you're indeed trying to chmod the executable, and that you're running the chmod command as root. But does root own the executable? You might need a "chown" command (as root) in addition to the chmod +s command, to ensure that it runs setuid root instead of setuid whoever-built-the-executable.
Upvotes: 0
Reputation:
Well, you don't say what 'filename' is. You can only suid on an executable. Particularly you can't set it on a shell script - it has to be a real machine code executable. And in modern UNIXes, like some horrible Linux distros, you might not be able to set it at all without jumping through more hoops than you might like.
Upvotes: 2
Reputation: 7894
Try running chmod as the root user.
I've been bitten by this in the past :(
Upvotes: 1