Root priviledges can be restored after setuid(1000) in musl libc
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
musl libc
allows you to change uid
to root
even after supposedly dropping permissions with setuid(1000)
. I am not able to reproduce the problem with glibc
.
Code:
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
int main(void)
uid_t r, e, s;
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(1000) != 0)
puts("setuid(1000) failed");
else
puts("setuid(1000) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(0) != 0)
puts("setuid(0) failed");
else
puts("setuid(0) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
return 0;
which after compiling with gcc -o setuidtest setuidtest.c
produces the following output when running as root
0 0 0
setuid(1000) succeded
1000 1000 1000
setuid(0) succeded
0 0 0
I am running Void Linux with kernel version 4.18_1
and musl version 1.1.20_2
linux security setuid
add a comment |Â
up vote
0
down vote
favorite
musl libc
allows you to change uid
to root
even after supposedly dropping permissions with setuid(1000)
. I am not able to reproduce the problem with glibc
.
Code:
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
int main(void)
uid_t r, e, s;
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(1000) != 0)
puts("setuid(1000) failed");
else
puts("setuid(1000) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(0) != 0)
puts("setuid(0) failed");
else
puts("setuid(0) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
return 0;
which after compiling with gcc -o setuidtest setuidtest.c
produces the following output when running as root
0 0 0
setuid(1000) succeded
1000 1000 1000
setuid(0) succeded
0 0 0
I am running Void Linux with kernel version 4.18_1
and musl version 1.1.20_2
linux security setuid
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
musl libc
allows you to change uid
to root
even after supposedly dropping permissions with setuid(1000)
. I am not able to reproduce the problem with glibc
.
Code:
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
int main(void)
uid_t r, e, s;
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(1000) != 0)
puts("setuid(1000) failed");
else
puts("setuid(1000) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(0) != 0)
puts("setuid(0) failed");
else
puts("setuid(0) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
return 0;
which after compiling with gcc -o setuidtest setuidtest.c
produces the following output when running as root
0 0 0
setuid(1000) succeded
1000 1000 1000
setuid(0) succeded
0 0 0
I am running Void Linux with kernel version 4.18_1
and musl version 1.1.20_2
linux security setuid
musl libc
allows you to change uid
to root
even after supposedly dropping permissions with setuid(1000)
. I am not able to reproduce the problem with glibc
.
Code:
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
int main(void)
uid_t r, e, s;
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(1000) != 0)
puts("setuid(1000) failed");
else
puts("setuid(1000) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
if (setuid(0) != 0)
puts("setuid(0) failed");
else
puts("setuid(0) succeded");
getresuid(&r, &e, &s);
printf("%d %d %dn", r, e, s);
return 0;
which after compiling with gcc -o setuidtest setuidtest.c
produces the following output when running as root
0 0 0
setuid(1000) succeded
1000 1000 1000
setuid(0) succeded
0 0 0
I am running Void Linux with kernel version 4.18_1
and musl version 1.1.20_2
linux security setuid
linux security setuid
asked 17 mins ago
apilat
61
61
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f478738%2froot-priviledges-can-be-restored-after-setuid1000-in-musl-libc%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password