AT&T Research Unix version 6, setuid - Old school stuff

Users browsing this thread: 1 Guest(s)
venam
Administrators
This is quite a tricky question, as with anything related to the setuid mess.

A normal user can only set its euid to its own ruid.

I can only come up with the case you've mentioned for unprivileged usage then: a SUID executable to another user (maybe not root also) and a call to setuid to whatever real user id was before, this would be a clunky way to start doing some maneuver that requires that SUID privilege and drop them midway or just a reassurance that you're not doing something with higher/different privileges and got pwned.

It might be a good idea to check if it's used in that way in the utilities. I couldn't find anything in the lion's book ( https://warsus.github.io/lions-/ ) but a quick search using whatever github repo hosts the v6 code may indicate that:

https://github.com/memnoth/unix-v6/searc...d_q=setuid

For instance, login or mv.

https://github.com/memnoth/unix-v6/blob/...s1/login.c
https://github.com/memnoth/unix-v6/blob/...ce/s2/mv.c

Before any tricky operation it reassure itself that it doesn't have an effective user ID with elevated privileges by forcing it to reassign it to the real user ID.

Those are only guesses by looking through the code, maybe someone here has a better explanation.


Messages In This Thread
AT&T Research Unix version 6, setuid - by burrows - 08-08-2018, 07:21 PM
RE: AT&T Research Unix version 6, setuid - by venam - 09-08-2018, 01:52 AM