I'm trying to check how the SUID works, and I have created a binary with the
shc compiler from this script:
#!/bin/bash
echo "I'm the script"
sleep 5
cat /srv/test/secretkali (/usr/bin/hehe). I added execution permissions and the SUID bit.
.rwsrwxr-x kali kali 15 KB Fri Feb 9 00:49:58 2024 /usr/bin/hehefranlol user.
As far as I understand, with the s bit, the file should be run by the user kali because he is the owner, even if it is executed by user franlol.
Why the binary/script cannot do the cat to a file owned by the same user than the binary owner?
What is not correct in this flow?
┌──(franlol㉿kali)-[~]
└─$ lsa -l /srv/test/secret
.rwx------ kali kali 26 B Fri Feb 9 00:46:01 2024 /srv/test/secret
┌──(franlol㉿kali)-[~]
└─$ lsa -l /usr/bin/hehe
.rwsrwxr-x kali kali 15 KB Fri Feb 9 00:49:58 2024 /usr/bin/hehe
┌──(franlol㉿kali)-[~]
└─$ hehe
I'm the script
cat: /srv/test/secret: Permission deniedps aux | grep hehe I see that the execution user is not Kali, and as far as I understand, if the hehe script is owned by the user kali, it should be run by the same owner.
Asked by franlol
(1 rep)
Feb 9, 2024, 12:15 AM