180 likes | 462 Views
Changing User and Group ID’s. setuid() and setgid() set the real user and group ID’s of a process to the extent of the process permission UID’s and GID’s are typically manipulated to extend or contract access permissions for a process. Logic of UID/GID changes. exec
E N D
Changing User and Group ID’s • setuid() and setgid() set the real user and group ID’s of a process to the extent of the process permission • UID’s and GID’s are typically manipulated to extend or contract access permissions for a process
Logic of UID/GID changes • exec • does not alter real UID/GID • sets EUID/EGID from corresponding bits of program file • copies SSUID/SSGID from EUID/EGID on call • setuid() • superuser: sets all three UID’s, all three GID’s • unprived user: sets EUID/EGID IF matches existing effective ID’s or saved-set ID’s
setreuid() and setregid() Functions • used to swap RUID with EUID or set one to the other • superuser may make any change, or any assignment • unprived user may swap RUID with EUID, or set one to the other, or set EUID to SSUID
seteuid() and setegid() Functions • for setting effective ID’s only • unprived user may set EUID to RUID or SSUID • prived user may set EUID to any value
Group ID’s • group ID functions mirror the user ID functions • setgid() – set GID • setregid() – swap effective and real GID • setegid() – set only effective GID
Interpreter Files • interpreter files are sometimes known as ‘scripts’ • all interpreter files begin with #! symbol, followed by the path to the interpreter • path is absolute • possible 32 character limit to pathname • Interpreter files are ‘exec’ed’ by the kernel, using the interpreter from the #! line, and passing the interpreter file as an argument to it
Features of interpreter file use • when kernel exec’s the interpreter file, it shifts the arguments to the exec’d program (the interpreter) two places to the right • arg(0) is set to the interpreter • arg(1) is set to the optional arg(1) for the interpreter • arg(2) is set to the path of the interpreter file (script)
System Function • designed to allow programs to execute a command string from inside a process • system() calls are effectively calls to a shell to execute a single command and return • command strings can be thought of as any command you can give from a shell prompt • system() function reduces programmer time involved in ‘one off’ calls to other programs
Set-User-ID Programs • SUID programs that call system can retain their effective UID when exec’ing the shell command • MAJOR security hole, DO NOT call system() from an SUID or SGID program, use fork() and exec() directly, being careful to watch your effective ID’s. • shell’s have holes you could drive a truck through (environment variables being one of many), and system() calls a shell • as a rule of thumb, never set the SUID or SGID bits on programs which rely on other programs whose code you don’t control, or can’t ABSOLUTELY trust
Process Accounting • process accounting is an option enabled or disabled on a particular system by the administrator • with accton() the kernel keeps records on resource usage of processes • records are kept per process, programs exec’ed by another process accumulate resource totals under the original process ID
User Identification • getlogin() can be used to identify the login name attached to the login from which a process was run • UID’s can have multiple login names attached • different shells • different home directories • will not work for processes not attached to terminal (daemon’s)
Process Times • there are three time values associated with any process • clock (real) time • system cpu time • user cputime • clock time is very dependent on system load, other times less so
times() Function • times() function returns wall clock time • ‘child’ times are for all ‘waited’ on children • return value is in clock ticks, use sysconf() to convert to seconds on specific system