Why does the setuid bit work inconsistently?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
I wrote the code:
// a.c
#include <stdlib.h>
int main () {
system("/bin/sh");
return 0;
}
compiled with command:
gcc a.c -o a.out
added setuid bit on it:
sudo chown root.root a.out
sudo chmod 4755 a.out
On Ubuntu 14.04, when I run as general user, I got root privilege.
but on Ubuntu 16.04, I still got current user's shell.
Why is it different?
linux ubuntu security privileges setuid
edited May 17 at 5:04
muru
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
add a comment |
I wrote the code:
// a.c
#include <stdlib.h>
int main () {
system("/bin/sh");
return 0;
}
compiled with command:
gcc a.c -o a.out
added setuid bit on it:
sudo chown root.root a.out
sudo chmod 4755 a.out
On Ubuntu 14.04, when I run as general user, I got root privilege.
but on Ubuntu 16.04, I still got current user's shell.
Why is it different?
linux ubuntu security privileges setuid
edited May 17 at 5:04
muru
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
add a comment |
I wrote the code:
// a.c
#include <stdlib.h>
int main () {
system("/bin/sh");
return 0;
}
compiled with command:
gcc a.c -o a.out
added setuid bit on it:
sudo chown root.root a.out
sudo chmod 4755 a.out
On Ubuntu 14.04, when I run as general user, I got root privilege.
but on Ubuntu 16.04, I still got current user's shell.
Why is it different?
linux ubuntu security privileges setuid
edited May 17 at 5:04
muru
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
I wrote the code:
// a.c
#include <stdlib.h>
int main () {
system("/bin/sh");
return 0;
}
compiled with command:
gcc a.c -o a.out
added setuid bit on it:
sudo chown root.root a.out
sudo chmod 4755 a.out
On Ubuntu 14.04, when I run as general user, I got root privilege.
but on Ubuntu 16.04, I still got current user's shell.
Why is it different?
linux ubuntu security privileges setuid
linux ubuntu security privileges setuid
edited May 17 at 5:04
muru
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
edited May 17 at 5:04
muru
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
edited May 17 at 5:04
muru
39.6k595171
edited May 17 at 5:04
muru
39.6k595171
edited May 17 at 5:04
muru
39.6k595171
39.6k595171
asked May 16 at 17:37
user10883182user10883182
433
asked May 16 at 17:37
user10883182user10883182
433
asked May 16 at 17:37
user10883182user10883182
433
433
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
What changed is that /bin/sh either became bash or stayed dash which got an additional flag -p mimicking bash's behaviour.
Bash requires the -p flag to not drop setuid privilege as explained in its man page:
If the shell is started with the effective user (group) id not equal to the real user
(group) id, and the -p option is not supplied, no startup files are read, shell functions
are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE
variables, if they appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation, the startup behavior
is the same, but the effective user id is not reset.
Before, dash didn't care about this and allowed setuid execution (by doing nothing to prevent it). But Ubuntu 16.04's dash's manpage has an additional option described, similar to bash:
-p priv
Do not attempt to reset effective uid if it does not match uid. This is not set by default to help avoid incorrect usage by
setuid root programs via system(3) or popen(3).
This option didn't exist in upstream (which might not be have been reactive to a proposed patch*) nor Debian 9 but is present in Debian buster which got the patch since 2018.
NOTE: as explained by Stéphane Chazelas, it's too late to invoke "/bin/sh -p" in system() because system() runs anything given through /bin/sh and so the setuid is already dropped. derobert's answer explains how to handle this, in the code before system().
* more details on history here and there.
answered May 16 at 18:05
A.BA.B
7,12511333
system("bash -p")runssh -c "bash -p"so the privileges have already been dropped whenbashis executed.
– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do asystem()with elevated privileges (which, granted, they shouldn't in the first place) end-up doing asetresuid()before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.
– Stéphane Chazelas
May 16 at 18:40
|
show 1 more comment
Probably the shell is changing its effective user ID back to the real user ID as part of its startup for some reason or another. You could verify this by adding:
/* needs _GNU_SOURCE; non-Linux users see setregid/setreuid instead */
uid_t euid = geteuid(), egid = getegid();
setresgid(egid, egid, egid);
setresuid(euid, euid, euid);
before your system(). (Actually, even on Linux, you probably only need to set the real ones; the saved ones should be fine to leave alone. This is just brute force to debug. Depending on why you're set-id, you may of course need to save the real IDs somewhere as well.)
[Also, if this isn't just an exercise learning how setid works, then there are lot of security issues to worry about, especially when calling a shell. There are many environment variables, for example, that affect the shell's behavior. Prefer an already-existing approach like sudo if at all possible.]
answered May 16 at 18:05
derobertderobert
77.2k8168227
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f519338%2fwhy-does-the-setuid-bit-work-inconsistently%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
What changed is that /bin/sh either became bash or stayed dash which got an additional flag -p mimicking bash's behaviour.
Bash requires the -p flag to not drop setuid privilege as explained in its man page:
If the shell is started with the effective user (group) id not equal to the real user
(group) id, and the -p option is not supplied, no startup files are read, shell functions
are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE
variables, if they appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation, the startup behavior
is the same, but the effective user id is not reset.
Before, dash didn't care about this and allowed setuid execution (by doing nothing to prevent it). But Ubuntu 16.04's dash's manpage has an additional option described, similar to bash:
-p priv
Do not attempt to reset effective uid if it does not match uid. This is not set by default to help avoid incorrect usage by
setuid root programs via system(3) or popen(3).
This option didn't exist in upstream (which might not be have been reactive to a proposed patch*) nor Debian 9 but is present in Debian buster which got the patch since 2018.
NOTE: as explained by Stéphane Chazelas, it's too late to invoke "/bin/sh -p" in system() because system() runs anything given through /bin/sh and so the setuid is already dropped. derobert's answer explains how to handle this, in the code before system().
* more details on history here and there.
answered May 16 at 18:05
A.BA.B
7,12511333
system("bash -p")runssh -c "bash -p"so the privileges have already been dropped whenbashis executed.
– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do asystem()with elevated privileges (which, granted, they shouldn't in the first place) end-up doing asetresuid()before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.
– Stéphane Chazelas
May 16 at 18:40
|
show 1 more comment
What changed is that /bin/sh either became bash or stayed dash which got an additional flag -p mimicking bash's behaviour.
Bash requires the -p flag to not drop setuid privilege as explained in its man page:
If the shell is started with the effective user (group) id not equal to the real user
(group) id, and the -p option is not supplied, no startup files are read, shell functions
are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE
variables, if they appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation, the startup behavior
is the same, but the effective user id is not reset.
Before, dash didn't care about this and allowed setuid execution (by doing nothing to prevent it). But Ubuntu 16.04's dash's manpage has an additional option described, similar to bash:
-p priv
Do not attempt to reset effective uid if it does not match uid. This is not set by default to help avoid incorrect usage by
setuid root programs via system(3) or popen(3).
This option didn't exist in upstream (which might not be have been reactive to a proposed patch*) nor Debian 9 but is present in Debian buster which got the patch since 2018.
NOTE: as explained by Stéphane Chazelas, it's too late to invoke "/bin/sh -p" in system() because system() runs anything given through /bin/sh and so the setuid is already dropped. derobert's answer explains how to handle this, in the code before system().
* more details on history here and there.
answered May 16 at 18:05
A.BA.B
7,12511333
system("bash -p")runssh -c "bash -p"so the privileges have already been dropped whenbashis executed.
– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do asystem()with elevated privileges (which, granted, they shouldn't in the first place) end-up doing asetresuid()before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.
– Stéphane Chazelas
May 16 at 18:40
|
show 1 more comment
What changed is that /bin/sh either became bash or stayed dash which got an additional flag -p mimicking bash's behaviour.
Bash requires the -p flag to not drop setuid privilege as explained in its man page:
If the shell is started with the effective user (group) id not equal to the real user
(group) id, and the -p option is not supplied, no startup files are read, shell functions
are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE
variables, if they appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation, the startup behavior
is the same, but the effective user id is not reset.
Before, dash didn't care about this and allowed setuid execution (by doing nothing to prevent it). But Ubuntu 16.04's dash's manpage has an additional option described, similar to bash:
-p priv
Do not attempt to reset effective uid if it does not match uid. This is not set by default to help avoid incorrect usage by
setuid root programs via system(3) or popen(3).
This option didn't exist in upstream (which might not be have been reactive to a proposed patch*) nor Debian 9 but is present in Debian buster which got the patch since 2018.
NOTE: as explained by Stéphane Chazelas, it's too late to invoke "/bin/sh -p" in system() because system() runs anything given through /bin/sh and so the setuid is already dropped. derobert's answer explains how to handle this, in the code before system().
* more details on history here and there.
answered May 16 at 18:05
A.BA.B
7,12511333
What changed is that /bin/sh either became bash or stayed dash which got an additional flag -p mimicking bash's behaviour.
Bash requires the -p flag to not drop setuid privilege as explained in its man page:
If the shell is started with the effective user (group) id not equal to the real user
(group) id, and the -p option is not supplied, no startup files are read, shell functions
are not inherited from the environment, the SHELLOPTS, BASHOPTS, CDPATH, and GLOBIGNORE
variables, if they appear in the environment, are ignored, and the effective user id is
set to the real user id. If the -p option is supplied at invocation, the startup behavior
is the same, but the effective user id is not reset.
Before, dash didn't care about this and allowed setuid execution (by doing nothing to prevent it). But Ubuntu 16.04's dash's manpage has an additional option described, similar to bash:
-p priv
Do not attempt to reset effective uid if it does not match uid. This is not set by default to help avoid incorrect usage by
setuid root programs via system(3) or popen(3).
This option didn't exist in upstream (which might not be have been reactive to a proposed patch*) nor Debian 9 but is present in Debian buster which got the patch since 2018.
NOTE: as explained by Stéphane Chazelas, it's too late to invoke "/bin/sh -p" in system() because system() runs anything given through /bin/sh and so the setuid is already dropped. derobert's answer explains how to handle this, in the code before system().
* more details on history here and there.
answered May 16 at 18:05
A.BA.B
7,12511333
edited May 16 at 18:40
answered May 16 at 18:05
A.BA.B
7,12511333
answered May 16 at 18:05
A.BA.B
7,12511333
answered May 16 at 18:05
A.BA.B
7,12511333
7,12511333
system("bash -p")runssh -c "bash -p"so the privileges have already been dropped whenbashis executed.
– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do asystem()with elevated privileges (which, granted, they shouldn't in the first place) end-up doing asetresuid()before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.
– Stéphane Chazelas
May 16 at 18:40
|
show 1 more comment
system("bash -p")runssh -c "bash -p"so the privileges have already been dropped whenbashis executed.
– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do asystem()with elevated privileges (which, granted, they shouldn't in the first place) end-up doing asetresuid()before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.
– Stéphane Chazelas
May 16 at 18:40
system("bash -p") runs sh -c "bash -p" so the privileges have already been dropped when bash is executed.– Stéphane Chazelas
May 16 at 18:07
system("bash -p") runs sh -c "bash -p" so the privileges have already been dropped when bash is executed.– Stéphane Chazelas
May 16 at 18:07
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
oh well ok. I'll remove the "solution" part better handled by derobert's answer anyway.
– A.B
May 16 at 18:08
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
See also bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
– Stéphane Chazelas
May 16 at 18:16
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
Looks like Ubuntu fixed dash in wily (15.10). bugs.launchpad.net/ubuntu/+source/dash/+bug/1215660
– Mark Plotnick
May 16 at 18:20
1
1
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do a
system() with elevated privileges (which, granted, they shouldn't in the first place) end-up doing a setresuid() before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.– Stéphane Chazelas
May 16 at 18:40
Note that Debian used to go the other way round. It used to patch bash so as not to drop privileges. Whether it's an improvement is arguable. Now, people who want to do a
system() with elevated privileges (which, granted, they shouldn't in the first place) end-up doing a setresuid() before which is a lot worse as then the shell doesn't know it's suid so doesn't activate the mode where it doesn't trust its environment.– Stéphane Chazelas
May 16 at 18:40
|
show 1 more comment
Probably the shell is changing its effective user ID back to the real user ID as part of its startup for some reason or another. You could verify this by adding:
/* needs _GNU_SOURCE; non-Linux users see setregid/setreuid instead */
uid_t euid = geteuid(), egid = getegid();
setresgid(egid, egid, egid);
setresuid(euid, euid, euid);
before your system(). (Actually, even on Linux, you probably only need to set the real ones; the saved ones should be fine to leave alone. This is just brute force to debug. Depending on why you're set-id, you may of course need to save the real IDs somewhere as well.)
[Also, if this isn't just an exercise learning how setid works, then there are lot of security issues to worry about, especially when calling a shell. There are many environment variables, for example, that affect the shell's behavior. Prefer an already-existing approach like sudo if at all possible.]
answered May 16 at 18:05
derobertderobert
77.2k8168227
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
add a comment |
Probably the shell is changing its effective user ID back to the real user ID as part of its startup for some reason or another. You could verify this by adding:
/* needs _GNU_SOURCE; non-Linux users see setregid/setreuid instead */
uid_t euid = geteuid(), egid = getegid();
setresgid(egid, egid, egid);
setresuid(euid, euid, euid);
before your system(). (Actually, even on Linux, you probably only need to set the real ones; the saved ones should be fine to leave alone. This is just brute force to debug. Depending on why you're set-id, you may of course need to save the real IDs somewhere as well.)
[Also, if this isn't just an exercise learning how setid works, then there are lot of security issues to worry about, especially when calling a shell. There are many environment variables, for example, that affect the shell's behavior. Prefer an already-existing approach like sudo if at all possible.]
answered May 16 at 18:05
derobertderobert
77.2k8168227
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
add a comment |
Probably the shell is changing its effective user ID back to the real user ID as part of its startup for some reason or another. You could verify this by adding:
/* needs _GNU_SOURCE; non-Linux users see setregid/setreuid instead */
uid_t euid = geteuid(), egid = getegid();
setresgid(egid, egid, egid);
setresuid(euid, euid, euid);
before your system(). (Actually, even on Linux, you probably only need to set the real ones; the saved ones should be fine to leave alone. This is just brute force to debug. Depending on why you're set-id, you may of course need to save the real IDs somewhere as well.)
[Also, if this isn't just an exercise learning how setid works, then there are lot of security issues to worry about, especially when calling a shell. There are many environment variables, for example, that affect the shell's behavior. Prefer an already-existing approach like sudo if at all possible.]
answered May 16 at 18:05
derobertderobert
77.2k8168227
Probably the shell is changing its effective user ID back to the real user ID as part of its startup for some reason or another. You could verify this by adding:
/* needs _GNU_SOURCE; non-Linux users see setregid/setreuid instead */
uid_t euid = geteuid(), egid = getegid();
setresgid(egid, egid, egid);
setresuid(euid, euid, euid);
before your system(). (Actually, even on Linux, you probably only need to set the real ones; the saved ones should be fine to leave alone. This is just brute force to debug. Depending on why you're set-id, you may of course need to save the real IDs somewhere as well.)
[Also, if this isn't just an exercise learning how setid works, then there are lot of security issues to worry about, especially when calling a shell. There are many environment variables, for example, that affect the shell's behavior. Prefer an already-existing approach like sudo if at all possible.]
answered May 16 at 18:05
derobertderobert
77.2k8168227
edited May 16 at 19:16
answered May 16 at 18:05
derobertderobert
77.2k8168227
answered May 16 at 18:05
derobertderobert
77.2k8168227
answered May 16 at 18:05
derobertderobert
77.2k8168227
77.2k8168227
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
add a comment |
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
I concentrated on the why it changed, while you provided the how to avoid the issue. +1
– A.B
May 16 at 18:07
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
Of course, if you really do need somewhere to save the real IDs, the saved ID is an awfully convenient place to do it. Especially if the effective IDs are not root:root.
– Kevin
May 17 at 3:25
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f519338%2fwhy-does-the-setuid-bit-work-inconsistently%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
