Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What happens to already opened files when you change process ownership (uid/gid) in Linux?

Tags:

c

file

linux

permissions

file-permissions

It's possible to change UID/GID of current process as it runs programatically with setresgid/setresuid which affects future files access rights.

However what happens to already opened or memory mapped files? Are they still accessible for i/o operations like read/write? I'm asking more in context of "not explicit" i/o operations performed by libraries, for example sqlite database or other libraries that operate on files more internally. Files opened in DIRECT_IO mode sound even more uncertain in this aspect.

like image 267
Lapsio Avatar asked Aug 31 '25 21:08

Lapsio

1 Answers

When you open a file, your ability to do so is determined by your effective uid and gid at the time you open the file.

When you change your effective uid or gid, it has no effect on any open file descriptors that you may have.

In most cases, if you have a valid file descriptor, that's all you need to read or write the resource that descriptor is connected to. The fact that you hold the valid file descriptor is supposed to be all the proof you need that you have permission to read/write the underlying resource.

When you read or write using an ordinary file descriptor, no additional authorization checks are performed. This is partly for efficiency (because those authentication checks would be expensive to perform each time), and partly so that -- this may be exactly what you are trying to do -- you can open a privileged resource, downgrade your process's privileges, and continue to access the open resource.

Bottom line: Yes, it's entirely possible for a process to use an open file descriptor to read or write a file which (based on its current uid/gid) it would not be able to open.

Footnote: What I've said is true for ordinary Unix file descriptors connected to ordinary resources (files, devices, pipes, network streams, etc.). But as @Mark Plotnick reminds in a comment, some file descriptors and underlying resources are "different" -- NFS and Linux /proc files are two examples. For those, it's possible for additional checks to be performed at the time of read/write.

like image 67
Steve Summit Avatar answered Sep 04 '25 00:09

Steve Summit
Sign in to Comment

Related questions

Using spi-bitbang driver
C pointer syntax
Why I get: returning const char * from a function with result type char * discards qualifiers
Does the C compiler have to short-circuit && and || unnecessarily?
Are bitmasks mandatory for unsigned conversions?
What are source and execution character sets?
Volatile access of struct member
Relation of endianness to assembly conversion of size in C
How to change the precision of a floating point in C at runtime?
How to remove duplication in Makefile?
Has anyone implemented a replacement for string.h using a struct to store the string and length?
Process-shared condition variable : how to recover after one process dies?
GUI for linux c
bc (standard_in) 1: syntax error
set 2 values in a ternary operation - C
Why must the file exist when using the 'r+' mode in fopen?
Parse $PATH variable and save the directory names into an array of strings
c - Error: "incomplete type is not allowed" , IAR compiler
How does the following va_arg macro work?
What does it mean to 'add an index to an archive file'?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!