Set-Uid Lab
Essay Preview: Set-Uid Lab
Report this essay
1. Figure out why “passwd”, “chsh”, and “su” commands need to be Set-UID programs. What will happen if they are not? If you are not familiar with these programs, you should first learn what they can do. Their source codes are in /usr/src/commands/simple directory.
because if they were not, any user would be able to change passwords, or
change things dealing with the os, and they would be just as powerful as the
root user. with the those commands being setuid programs, that ensures that roots are the only ones with high access privileges and that normal users are
restricted from certain things.
2. Read the OS source codes of Minix, and figure out how SET-UID is implemented in the system. You should answer the following questions, and identify the corresponding codes in Minix:
a. How does the OS recognize whether a file is a Set-UID?
by checking an access right flag
b. What does Minix do when a Set-UID program is executed?
it does a validity check; then it get the exec file name and sees if the file is
executable; fetches the stack from the user before the old core image; checks
to see if the process text can be shared with that one of already running; saves file id to allow it to be shared; patches up stack and copy it from
MM to new core image; read in text and data segments; take care of setuid/setgid bits; save offset to initial argc; fix mproc fields, tell kernel
that exec is done, reset caught sigs.
c. How does Set-UID affect the access control?
it first checks to see if the mode is correct; then it temporarily opens the file
whose access is to be checked; and finally, it checks the permissions.
3. Run Set-UID shell programs in Minix and Linux and describe and explain your observations
a. Login as root, copy a shell program to /tmp, and make it a set-root-uid program with permission 4755
minix: was unable to access the file as a normal user; therefore, i did not have root privilege
linux: attempted to run file as normal user and came up with the sh-3.1$.
b. Login as a normal user, and run/tmp/sh. Will you get root privilege by running this shell program? Please describe your observation. Is your observation in Minix the same as that in Linux? Explain.
minix: i was still able to have root privileges; i think the reason why i still
had access was due to the fact that my code was ran
linux: was not able to have root privileges, and the file was not overwritten
a. write a program that simply calls system (“ls”), and miade it a set-root-uid program
b. this program is supposed to execute the /bin/ls command; however, the programmer “forget” to use the absolute path for the ls command. Can you let this set-uid program to run your code instead of /bin/ls? If you can, do you still have the root privilege