I have this C
file:
#include <stdio.h> #include <unistd.h> int main(void) { printf("%sn", getlogin()); printf("%in", getuid()); }
I compile it, set the UID and GID both to root
and set the setuid bit, so that it looks like this:
-rwsrwsr-x 1 root root 8735 Apr 8 19:51 a.out
However when I call $ ./a.out
I still get:
user 1000
What am I doing wrong?
Advertisement
Answer
The real user ID is still the user that called the program, but the effective user ID is root. In a setuid program, they are not the same.
To get the effective user ID, call geteuid()
. You can also use cuserid()
to get the name associated with the effective user ID.