I'm writing a setuid root program. This program needs to open a file for writing and then write some content. It needs euid 0 only for opening the file, then it can drop privileges.
To drop privileges, I could seteuid to the current uid. But I was thinking of switching to nobody:nogroup.
Now, I was wondering: can I assume that nobody is 65534 on every system (and nogroup is 65534 too)? Is it defined by some standard (POSIX, maybe)?
User nobody on a Unix system is traditionally user id 65534. This user is used by NFS servers when they cannot trust the client-supplied uids and gids, or when the root-squash option is being used.
It's there to run things that don't need any special permissions. It's usually reserved for vulnerable services (httpd, etc) so that if they get hacked, they'll have minimal damage on the rest of the system.
In many Unix variants, "nobody" is the conventional name of a user identifier which owns no files, is in no privileged groups, and has no abilities except those which every other user has. It is normally not enabled as a user account, i.e. has no home directory or login credentials assigned.
1. Open up a file manager as root, and you should be able to right-click a file or folder and change the security settings.
2. Open up a terminal and use the chown/chgrp/chmod commands to change the owner/group/permissions of the file(s).
You can't. nobody has had at least a few different IDs across distros and time:
Historically, the user “nobody” was assigned UID -2 by several operating systems, although other values such as 2^(15)−1 = 32,767 are also in use, such as by OpenBSD. For compatibility between 16-bit and 32-bit UIDs, many Linux distributions now set it to be 2^(16)−2 = 65,534; the Linux kernel defaults to returning this value when a 32-bit UID does not fit into the return value of the 16-bit system calls. An alternative convention assigns the last UID of the range statically allocated for system use (0-99) to nobody: 99.
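Added example, not part of the original question or answers: because the numeric ID of nobody differs between systems, a setuid root program can resolve the account by name at run time and then drop privileges permanently, groups first and UID last. The file path is a constructed placeholder, and `lookup_account` and `drop_privileges` are hypothetical helper names.

```c
#define _DEFAULT_SOURCE   /* for setgroups() on glibc */
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolve an account by name instead of hard-coding 65534. Returns 0 on success. */
int lookup_account(const char *name, uid_t *uid, gid_t *gid)
{
    struct passwd *pw = getpwnam(name);
    if (pw == NULL || pw->pw_uid == 0)   /* missing, or maps to root: refuse */
        return -1;
    *uid = pw->pw_uid;
    *gid = pw->pw_gid;   /* primary group: nogroup on some systems, nobody on others */
    return 0;
}

/* Permanently switch to uid:gid. Order matters: groups first, uid last. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0)
        return -1;                       /* "dropping" to root is a bug */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;                       /* could not clear root's supplementary groups */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (setuid(0) == 0)                  /* must fail once the drop is permanent */
        return -1;
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

int main(void)
{
    uid_t uid; gid_t gid;
    /* Privileged step: the path is a constructed placeholder. */
    int fd = open("/var/lib/example/output.txt", O_WRONLY | O_CREAT, 0600);
    if (fd < 0) { perror("open"); return 1; }
    if (lookup_account("nobody", &uid, &gid) != 0 || drop_privileges(uid, gid) != 0) {
        fprintf(stderr, "cannot drop privileges, refusing to continue\n");
        return 1;
    }
    /* From here on the process is unprivileged but keeps the open descriptor. */
    if (write(fd, "content\n", 8) != 8) { perror("write"); return 1; }
    return close(fd) == 0 ? 0 : 1;
}
```

Every return value is checked because a failed setuid() or setgid() that goes unnoticed leaves the process running as root.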