8.11setuid.c
看完这个程序,绝对会进一步了解与进程相关的实际用户ID,有效用户ID,保存的设置ID
与文件相关的setid位. 与用户相关的uid.
[xiaodao@mylinux ~]$ vi 8.11setuid.c
#include
#include
#include
#include
int
main(void)
{
uid_t euid = geteuid();
printf("uid = %d, euid = %d\n", getuid(), euid); //打印进程的实际用户ID,有效用户ID
if (setuid(getuid()) == -1) { //因为getuid()为实际用户ID,因此可以设置进程有效用户ID
printf("setuid %d error\n", getuid());
exit(1);
}
else
printf("uid = %d, euid = %d\n", getuid(), geteuid()); //验证
if (setuid(euid) == -1) { //因为euid为保存的设置用户ID,因此可以设置进程的有效用户ID
printf("setuid %d error, %s\n", euid, strerror(errno)); // exit(1);
}
else
printf("uid = %d, euid = %d\n", getuid(), geteuid());//验证
exit(0);
}
[xiaodao@mylinux ~]$ gcc 8.11setuid.c
[xiaodao@mylinux ~]$ su
Password:
[root@mylinux xiaodao]# chown test:test a.out
[root@mylinux xiaodao]# chmod u+s a.out //对文件a.out设置setuid位
[root@mylinux xiaodao]# exit
exit
[xiaodao@mylinux ~]$ ./a.out
uid = 500, euid = 502 //实际用户ID为502,因为文件有setuid位,因此有效用户ID为502
uid = 500, euid = 500 //设置成功,有效用户ID改为500
uid = 500, euid = 502 //设置成功,有效用户ID改为502
[xiaodao@mylinux ~]$