• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Urban Penguin

The Urban Penguin - Linux Training

  • Home
  • About
  • Live Training
  • Shop
  • Our Latest eBook Offer
  • Programming
    • Master Editing Text Files Using VIM
    • Learn Shell Scripting with BASH
    • PERL Scripting in Linux
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • Learn C Programming using Linux and the Raspberry Pi
    • General Java Tutorials
    • Java 7 OCA Exam 1ZO-803
  • OS Tutorials
    • Red Hat and CentOS Training
      • RHCE – EX294 – Automation With Ansible
    • Learning Ubuntu
    • LPI Training
      • LPI Linux Essentials
      • LPIC-1 Linux Administrator
      • LPIC-2 Certified Linux Engineer
      • LPIC-3 Senior Level Certification
        • LPIC-3 Exam 300 : Mixed Environments
        • LPIC-3 Exam 303 : Security
        • LPIC-3 Exam 304 : Virtualization and High Availability
    • Linux Technologies
      • Apache HTTPD Server
      • Learning PHP
      • Learning PUPPET
      • Learning SAMBA
      • Linux File-Systems
      • Monitoring with Nagios Core
      • MYSQL
      • openLDAP Directories on Linux
  • Pluralsight Courses
You are here: Home / C Programming / Using a Simple C Program to Explain the Linux SUID Permission

Using a Simple C Program to Explain the Linux SUID Permission

January 6, 2014 by The Urban Penguin

Effective and Real Permissions

SUID PermissionsSome programs in Linux use the Set UID or SUID permission. One notable program using this is the user password command: /usr/bin/passwd. When the program runs it will execute with the permissions of the file’s owner and not the current user. When we examine the runtime environment of the program we will find that we maintain  REAL UID and an EFFECTIVE UID. The REAL UID being the UID of the user and the EFFECTIVE UID  represents the user’s whose rights we use. Using these values in a simple C program that we can use to demonstrate the use of the SUID permission. This may be of interest to you a someone learning to write C code or an administrator wanting to more about permissions.

Simple C Program

Starting off we will be creating very a simple C in our favoured IDE or text editor. We will use the vim editor in the demonstration.

#include <stdio.h>
#include <unistd.h>
 int main () {
  int real = getuid();
  int euid = geteuid();
  printf("The REAL UID =: %d\n", real);
  printf("The EFFECTIVE UID =: %d\n", euid);
}

The code really is as simple as it looks, using just the 2 header files and the main function. Within the function main we populate two variables. Firstly real and then the euid. The functions getuid() and geteuid() come from the unistd header. Finally, we print the contents of the variables with the next two lines, one variable per line. Once created we can compile the code with using the command the gcc.

gcc -o setuid setuid.c

The compiler will assign standard permissions of rwx rx rx or 755 to the file. We can run it and we will see that the Real and Effective UID are the same.

SUID Permission inLinux

There are programs that standard users need to run with elevated permissions, these include programs like the mount command and passwd program. The program can be owned by root or another account; most often root. When the program runs it will execute with the permissions of the owner of the file rather than the current user. This becomes the EFFECTIVE UID to the running process. In this way standard users can change their own password with /usr/bin/passwd even though the file they write to would not be accessible to their own UID.

Setting this on our file we need to change to the root account and first set the ownership and then permissions of the file:

sudo chown root setuid
sudo chmod 4755 setuid

SUID Permission

Remember the setuid is the name of our program file. The leading 4 in the permission block implements the SUID permission. As a standard user now when we run the program even the REAL UID is still our own UID the EFFECTIVE UID will be 0f the UID of root, the files’ owner.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)

Filed Under: C Programming, Raspberry Pi

Primary Sidebar

Newest Video

The Urban Penguin On Youtube

Live Training

Powered by Eventbrite

Categories

Pages

  • About The Urban Penguin
  • Contact Us
  • Shop
    • Basket
    • Checkout
    • My Account
  • LPI Training from The Urban Penguin
    • Live and Pluralsight hosted courses
    • Complete Linux Essentials
    • Scheduled Linux Essentials Classes
    • LPIC-3 Senior Level Certification
      • LPIC-3 Exam 300 : Mixed Environments
      • LPIC-3 Exam 303 : Security
      • LPIC-3 Exam 304 : Virtualization and High Availability
    • LPIC-2 Certified Linux Engineer
    • LPIC-1 Linux Administrator
    • LPI Linux Essentials for Raspberry Pi
    • LPI Linux Essentials
  • Operating System Tutorials
    • Linux Foundation Training
    • Solaris 11 OCA 1ZO-821
    • Learning Ubuntu
    • Learning SUSE
    • Red Hat and CentOS Training
      • RHCE – EX294 – Automation With Ansible
  • Scripting – the power of repetition!
    • Java 7 OCA Exam 1ZO-803
    • General Java Tutorials
    • Learn C Programming using Linux and the Raspberry Pi
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • PERL Scripting in Linux
    • Learn Shell Scripting with BASH
    • Master Editing Text Files Using VIM
  • Linux Technologies
    • Learning PUPPET
    • openLDAP Directories on Linux
    • Monitoring with Nagios Core
    • Linux File-Systems
    • Learning SAMBA
    • Apache HTTPD Server
    • Learning PHP
    • MYSQL
  • OpenStack
    • Pluralsight
    • Udemy
    • Raspberry Pi Tutorials
    • Citrix Videos
  • Courses

© 2019 The Urban Penguin · All Rights Reserved

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok