macos 10 setuid无故失败
我运行此代码是为了在以下情况下更改实际uid:macos 10 setuid无故失败,macos,setuid,Macos,Setuid,我运行此代码是为了在以下情况下更改实际uid: #include <cstdlib> #include <cstdio> #include <errno.h> #include <sys/types.h> #include <unistd.h> void printstat() { printf("uid: %d, euid: %d\n",getuid(),geteuid()); } int main(int argc, c
#include <cstdlib>
#include <cstdio>
#include <errno.h>
#include <sys/types.h>
#include <unistd.h>
void printstat()
{
printf("uid: %d, euid: %d\n",getuid(),geteuid());
}
int main(int argc, char** argv)
{
if (argc < 2)
{
return -1;
}
int m_targetUid = atoi(argv[1]);
printstat();
uid_t realUID = getuid();
printf("Setting effective uid to %d\n",m_targetUid);
seteuid(m_targetUid);
printstat();
if (m_targetUid != realUID)
{
printf("Setting real uid to %d\n",m_targetUid);
int res = setuid(m_targetUid);
printf("setuid(%d) returned: %d\n",m_targetUid,res);
if (0 > setuid(m_targetUid))
{
printf("setuid(%d) failed: %d, getuid() returned %d, geteuid returned %d\n",m_targetUid,errno,realUID,geteuid());
exit(-1);
}
}
}
nnlnb-mm-041: root# /tmp/setuidBug 70
uid: 0, euid: 0
Setting effective uid to 70
uid: 0, euid: 70
Setting real uid to 70
setuid(70) returned: -1
setuid(70) failed: 1, getuid() returned 0, geteuid returned 70
我终于设法解决了这个问题,显然在macos中,您必须将有效uid设置回root,它才能工作。代码如下
#include <cstdlib>
#include <cstdio>
#include <errno.h>
#include <sys/types.h>
#include <unistd.h>
void printstat()
{
printf("uid: %d, euid: %d\n",getuid(),geteuid());
}
int main(int argc, char** argv)
{
if (argc < 2)
{
return -1;
}
int m_targetUid = atoi(argv[1]);
printstat();
uid_t realUID = getuid();
printf("Setting effective uid to %d\n",m_targetUid);
seteuid(m_targetUid);
printstat();
printf("Setting effective uid to 0\n");
seteuid(0);
printstat();
if (m_targetUid != realUID)
{
printf("Setting real uid to %d\n",m_targetUid);
int res = setuid(m_targetUid);
printf("setuid(%d) returned: %d\n",m_targetUid,res);
if (0 > setuid(m_targetUid))
{
printf("setuid(%d) failed: %d, getuid() returned %d, geteuid returned %d\n",m_targetUid,errno,realUID,geteuid());
exit(-1);
}
}
printstat();
}
之后我设法自己解决了这个问题。事实证明,必须将euid更改回0,setuid才能工作。将使用有效的代码编辑帖子。不要将答案编辑为问题。如果你愿意,你可以发布你自己的答案。
#include <cstdlib>
#include <cstdio>
#include <errno.h>
#include <sys/types.h>
#include <unistd.h>
void printstat()
{
printf("uid: %d, euid: %d\n",getuid(),geteuid());
}
int main(int argc, char** argv)
{
if (argc < 2)
{
return -1;
}
int m_targetUid = atoi(argv[1]);
printstat();
uid_t realUID = getuid();
printf("Setting effective uid to %d\n",m_targetUid);
seteuid(m_targetUid);
printstat();
printf("Setting effective uid to 0\n");
seteuid(0);
printstat();
if (m_targetUid != realUID)
{
printf("Setting real uid to %d\n",m_targetUid);
int res = setuid(m_targetUid);
printf("setuid(%d) returned: %d\n",m_targetUid,res);
if (0 > setuid(m_targetUid))
{
printf("setuid(%d) failed: %d, getuid() returned %d, geteuid returned %d\n",m_targetUid,errno,realUID,geteuid());
exit(-1);
}
}
printstat();
}
uid: 0, euid: 0
Setting effective uid to 70
uid: 0, euid: 70
Setting effective uid to 0
uid: 0, euid: 0
Setting real uid to 70
setuid(70) returned: 0
uid: 70, euid: 70