2

I have a C program which gets its name, tacks the string ".script" to the end, and executes the resulting script. My goal is to have the C executable have the setuid bit set, and for the script to be owned by the effective uid. But when I test it, it gives me a permission denied. I added a print for the real and effective uid, and the euid is being set. The two files appear as:

-rwsr-xr-x. 1 ts00001 ts00001     8792 Oct  9 08:54 testing
-rwxr-x---. 1 ts00001 ts00001       21 Oct  9 08:15 testing.script

Executing the program gives me:

ts00086@rofrpna bin:0 $ ./testing
uid = 223336, euid = 202223
/bin/bash: /usr/local/bin/testing.script: Permission denied
ts00086@rofrpna bin:126 $

So... What point am I failing to see here?

The C program is as follows:

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>

char ** duplicateArray(char ** input);

int main(int ac, char **av)
{
        int i;
        char script[1024];

        printf("uid = %d, euid = %d\n", getuid(), geteuid());

        realpath(av[0], script);
        strcat(script, ".script");

        printf("script result = %d\n", execv(script, av));
        printf("errno = %d\n", errno);

        return 0;
}
Robert Nix
  • 69
  • 1
  • 7
  • I believe the problem is related to the lack of reading permissions on the file. try `chmod 750 testing.script` and then run the script, and let me know if that helped... – Leonardo Alves Machado Oct 09 '17 at 14:36
  • @LeonardoAlvesMachado The top of the post already shows 750 for the permission of `testing.script` – Tom Karzes Oct 09 '17 at 14:39

0 Answers0