Course: Linux: Storage Systems (2016)

Using SUID, attributes, and read-only - Linux tutorial


Using SUID, attributes, and read-only

- [Teacher] We now see how to use the suid bit in mounting options. So let's look at suid. So I've got a real simple little C program here. You can type this in and try it yourself if you want. What this program does is execute the head command on the file /etc/shadow. Remember, /etc/shadow is where hashed-up passwords are stored and you do not have permission to read that file. If we try to do a head on that, we get permission denied, as expected. So let's compile this program. hs for head on shadow. So it's just going to do the head command, too, so again we get that same error. Now let's become root. If we're root, and we run the program, it works just fine. root actually has permission, even though it doesn't say it. root kind of supersedes whatever the permissions are and can still read it. So we're going to make root the owner of the program. So root's the owner, and now we're going to add the suid bit, and we see the s there where the x was. And also, ls prints in red. So now, with the suid bit set owned by root, and anybody can run this, if anybody runs it, while they're running it, that process will effectively be root. So let's go back to be guest. Okay, well, I didn't have guest in there just right. Alright, so I'm user ID 1000, I'm not root. id tells me that I'm guest there. Okay, so I just wanted to show you that we're not root just to verify that, and then we run this, and sure enough, we get to a head on shadow because of the suid.

Okay, now let's try extended attributes. So let's just try to make a file. echo hi there, /tmp/myfile. Oops, myfile was already there. So I'll make a new one. Check that, okay, nothing crazy there. Trying to add some more stuff in there. Extend it, all that's fine, okay. Now let's add the attribute, extended attribute immutable. Okay, it says operation not permitted. So this is a privileged operation. That means just about anybody can set it. Okay, now let's try to add stuff. Can't add stuff. What about overriding it? Removing it? It says write-protected. Operation not permitted. So permission denied, permission denied, and then operation not permitted. So maybe operation not permitted is a little better clue, but the permission denied is kind of mysterious. If we do a long list, /tmp/myf, it looks like we should be able to do it. Alright, now let's try lsattr to see if we get a clue. There we go, it shows that the immutable attribute is set. So remember that, lsattr, if you're getting mysterious permission denied trying to change or remove a file, maybe it's because of the immutable flag. Let's look at the a flag, for attributes. Let's just be root. Okay, nothing crazy there. Just make sure all the stuff works. Great, now let's set the a attribute. Okay, let's try to start over. Interesting, operation not permitted. What about if we try to add to the end? That seemed to work. And it added at the end. What if we try to remove it? Operation not permitted. If we do a lsattr, we see the a append only attribute set. Might be handy. But notice, even root is denied the capability with the extended attributes. So even root can't accidentally wipe out a file. Maybe this would be handy on log files, for example, where they can't get changed or removed except by adding more stuff to the end.

Now let's look at mounting some stuff. Let's see if this partition is mounted. Okay, so partition 1 on disk c is mounted on /tmp/c1 with kind of ordinary options. We're going to be looking at the read-only and the nosuid, and neither of those are set, so this should perform like we're used to. So we should be able to create files. Alright, and let's do this as guest. guest doesn't have write permission to create files. So the permission denied is an ordinary permission thing. But root can create files, so this is not mounted read-only. And now we have our suid program hs here, so let's just try running that, and that works. So we're in /tmp/c1 with the copy of that program, and it's an suid program, and it worked just fine. So now let's remount c1, and let's turn on read-only, nosuid. So we need to be root again to be able to do a mount. So we're going to do a remount, read-only, nosuid on this thing. And there we see read-only and nosuid. So let's go into the directory, and we're root, let's try to create a new file. So that one's pretty explicit, read-only file system. Let's try to run the suid program. What happens when you mount nosuid, we can still run the program, but the kernel doesn't do the suid, so the program's process still runs as our ordinary user guest, so it doesn't have permission. So that's a handy option, the nosuid. There we go, a number of permission things to consider.
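The lecture's last point, that a set-id bit is ignored on a nosuid mount, is the kind of thing worth checking from the defender's side. The audit helper below is an added example written for this page, not code from the course: it walks a directory for setuid/setgid files and, using /proc/mounts-style text (the real file, or the constructed lines used in demo()), reports whether the bit would actually be honoured. The mount lines and the file "hs" in demo() are constructed sample data.

```python
import os
import stat
import tempfile

def parse_mounts(text):
    """Parse /proc/mounts-style lines into {mountpoint: set(options)}."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()      # device mountpoint fstype options dump pass
        if len(fields) >= 4:
            mounts[fields[1]] = set(fields[3].split(","))
    return mounts

def mount_for(path, mounts):
    """Return the longest mountpoint that contains path (the kernel's view)."""
    path = os.path.abspath(path)
    best = "/"
    for mp in mounts:
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if len(mp) > len(best):
                best = mp
    return best

def audit_setid(root, mounts_text):
    """List set-id regular files under root and whether the bit is honoured.
    'honoured' is False when the filesystem is mounted nosuid: the kernel
    then runs the program with the caller's own uid, as in the lecture."""
    mounts = parse_mounts(mounts_text)
    report = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            p = os.path.join(dirpath, name)
            try:
                st = os.lstat(p)
            except OSError:
                continue           # vanished or unreadable: skip it
            if not stat.S_ISREG(st.st_mode):
                continue
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                opts = mounts.get(mount_for(p, mounts), set())
                report.append({"path": p, "root_owned": st.st_uid == 0,
                               "setuid": bool(st.st_mode & stat.S_ISUID),
                               "honoured": "nosuid" not in opts})
    return report

def demo():
    """Constructed scenario: one 4755 file audited under a plain mount and
    again under a constructed ro,nosuid remount of the same directory."""
    d = tempfile.mkdtemp()
    hs = os.path.join(d, "hs")
    open(hs, "w").close()
    os.chmod(hs, 0o4755)           # u+s on a file we own needs no root
    plain = "/dev/sdc1 %s ext4 rw,relatime 0 0\n" % d
    hardened = "/dev/sdc1 %s ext4 ro,nosuid,relatime 0 0\n" % d
    return audit_setid(d, plain), audit_setid(d, hardened)
```

On a real system, pass open("/proc/mounts").read() as mounts_text and a tree such as /usr or the mounted partition to audit_setid.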
