I am currently trying to learn what the special bits in file permissions do but am currently stuck trying to understand what the setuid bit does. From all the online resources it says:
Commonly noted as SUID, the special permission for the user access level has a single function: A file with SUID always executes as the user who owns the file, regardless of the user passing the command
However in a simple experiment this just doesn't appear to be true (unless I have misunderstood and am doing something wrong?) i.e.
mkdir /tmp/foo
mkdir /tmp/foo/bar
chmod 0700 /tmp/foo/bar # Restrict directory so only current user can access
echo content > /tmp/foo/bar/baz.txt # Create content in the restricted directory
echo "ls /tmp/foo/bar" > /tmp/foo/myscript.sh # Script to access content of restricted directory
chmod 4777 /tmp/foo/myscript.sh # Set setuid bit so the script runs as current user
/tmp/foo/myscript.sh # Show it works when run as current user
#> baz.txt
su bob # Switch to a new user
/tmp/foo/myscript.sh # Run script again
#> ls: cannot open directory '/tmp/foo/bar': Permission denied
My expectation was that as the setuid bit was set the script should have been executed as the original user and as such should have had permissions to ls
into the restricted directory. But instead I got a permission denied error indicating that the script was not run as the original user.
Any help into understanding what I'm doing wrong would be greatly appreciated. (example was run on zsh / ubuntu 20.04 / wsl2)
CodePudding user response:
The suid bit works only on binary executable programs, not on shell scripts. You can find more info here: https://unix.stackexchange.com/questions/364/allow-setuid-on-shell-scripts
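To make the answer concrete, here is a small added example (not part of the question or the answer above) in C, the language in which the setuid bit actually has an effect. It reports the real and effective user ids of the running process, and for a given file it states what the kernel will do with its setuid bit: ignore it on a `#!` script, or switch the effective uid to the file owner for a native binary. The file paths and sample bytes are constructed for illustration; build with `cc -o suidcheck suidcheck.c` and run `./suidcheck /tmp/foo/myscript.sh`.

```c
/* Added example (not from the original question or answer): inspect how a
 * file's setuid bit interacts with process identity on Linux.
 * Build: cc -o suidcheck suidcheck.c   Run: ./suidcheck /path/to/file
 * Paths and sample bytes used here are constructed for illustration. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/* True when the mode word carries the setuid bit (the leading 4 in 4777). */
int mode_has_setuid(mode_t mode) {
    return (mode & S_ISUID) != 0;
}

/* An interpreter script starts with "#!". Linux runs such a file by
 * executing the interpreter named on that line and passing the script as
 * an argument; the setuid bit on the script itself is ignored. */
int is_script_header(const unsigned char *buf, size_t n) {
    return n >= 2 && buf[0] == '#' && buf[1] == '!';
}

/* Read the first two bytes of a file and classify it as a #! script. */
int file_is_script(const char *path) {
    unsigned char head[2];
    FILE *f = fopen(path, "rb");
    if (!f) return 0;
    size_t n = fread(head, 1, sizeof head, f);
    fclose(f);
    return is_script_header(head, n);
}

/* The kernel keeps two ids for a process: the real uid (who invoked the
 * program) and the effective uid (whose permissions are checked). A setuid
 * binary is the usual reason for them to differ. */
int effective_privs_differ(void) {
    return getuid() != geteuid();
}

/* Explain what the kernel does with the setuid bit on the given file.
 * Returns 0 on success, 1 if the file cannot be stat'ed. */
int explain_file(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) {
        perror(path);
        return 1;
    }
    if (!mode_has_setuid(st.st_mode)) {
        printf("%s: setuid bit not set; runs with the caller's uid\n", path);
    } else if (file_is_script(path)) {
        printf("%s: setuid bit set on a #! script; Linux ignores it, so the\n"
               "  script still runs with the caller's uid\n", path);
    } else {
        printf("%s: setuid binary owned by uid %u; the effective uid of the\n"
               "  process becomes the owner's while the real uid stays the\n"
               "  caller's\n", path, (unsigned)st.st_uid);
    }
    return 0;
}

int main(int argc, char **argv) {
    printf("this process: real uid %u, effective uid %u%s\n",
           (unsigned)getuid(), (unsigned)geteuid(),
           effective_privs_differ() ? " (elevated via setuid)" : "");
    if (argc < 2) {
        fprintf(stderr, "usage: %s FILE\n", argv[0]);
        return 2;
    }
    return explain_file(argv[1]);
}
```

Run on the script from the question it reports that the bit is ignored; if the same program is itself installed with mode 4755 and owned by another user, the first line shows the real and effective uids differing, which is exactly the behaviour the quoted definition describes and which only a native executable gets.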