Let's say we have created a file with root account with -rwsr-xr-x script.sh permissions. We have set suid bit on this file so any user who is gonna execute this file, it's gonna be execute by owner of the file which is root. For example let's look at the passwd command:
$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 68208 Apr 16 17:06 /usr/bin/passwd
This command is similar to our file. Any user who executes this command, it's going to be run as root account no matter if the user is root or has sudo privileges.
The question is how can i verify this subject?
To figure this out I'v tried this: if we look at script.sh contents, I'v wrote this simple script:
#!/bin/bash
if [[ $UID -eq 0 ]]
then
echo "Running as root"
else
echo "Not root"
fi
now if I run this script as a regular user, the output will be: Not root
So how can I check if it's running as root?
Please let me know if I have misunderstanding of the concepts. I'm a newbie.
if [ -w /etc/passwd ]... if you can write to that file then you're either root or the whole system can be compromised :-) – Stephen Harris Sep 04 '20 at 15:17$UID), they're subject to manipulation. Rather, readman idand useid -uto get the UID. – waltinator Sep 04 '20 at 17:34