In Unix, when exec
If Real user ID is not same with file owner, and Set user ID bit is on, then, effective user id is changed to file owner's, and saved set user ID too.
Because Effective user ID is copied to Saved set user ID when exec.
At this moment, Why saved set userID is needed?
Because of security problem? if it is right, especially what case?
The saved user ID ( suid ) is used when a program running with elevated privileges needs to do some unprivileged work temporarily; changing euid from a privileged value (typically 0 ) to some unprivileged value (anything other than the privileged value) causes the privileged value to be stored in suid .
A set-group-ID program performs the analogous tasks using setegid(2) , setregid(2) , or setresgid(2) . A process can obtain its saved set-user-ID (set-group-ID) using getresuid(2) .
So, the real user id is who you really are (the one who owns the process), and the effective user id is what the operating system looks at to make a decision whether or not you are allowed to do something (most of the time, there are some exceptions).
Setuid, which stands for set user ID on execution, is a special type of file permission in Unix and Unix-like operating systems such as Linux and BSD. It is a security tool that permits users to run certain programs with escalated privileges.
Having a saved user id allows you to drop your privileges (by switching the effective uid to the real one) and then regain them (by switching the effective uid to the saved one) only when needed.
When files are accessed, the system looks at the process's effective UID, its set of GIDs and matches those to the file permissions (and possibly the ACLs on the file).
When files are created, the system looks at the same process values when deciding whether the file can be created, but uses the effective UID to set the UID on the file, and uses either the effective GID or the directory's GID (if the SGID bit is set on the directory, or if you are on MacOS X).
The access()
system call checks whether the real UID and real GID (instead of the effective UID and GID) can access the file.
If you have a SUID (setuid) program, then it can use its EUID to access files that it would otherwise not be accessible to its users. However, if it wants to create a file on behalf of the user (the RUID of the person running it), then it needs to drop the SUID privilege so the EUID is the same as the RUID. Once upon not so very long ago, once you dropped the SUID privilege, it was lost for good; you could not get it back. The saved UID value allows you to switch back, which simplifies management of privileges for SUID programs.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With