
Special permissions (SUID, SGID)

Published: 2023-12-16 11:47:45

First, a question: why can an ordinary user who has not been given any sudo rights still change their own password? The answer is the set-user-ID bit.

SUID permission

[root@lianxi ~]# ll /usr/bin/passwd
-rwsr-xr-x. 1 root root 27832 Jun 10  2014 /usr/bin/passwd
The owner's execute position shows s instead of x: the set-user-ID bit is set, and the file is owned by root. Whoever runs passwd therefore executes it with root's effective UID, which is what lets an ordinary user change their own password:
[laow@lianxi ~]$ passwd
Changing password for user laow.
Changing password for laow.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
If we remove the s bit:
[root@lianxi ~]# chmod u-s /usr/bin/passwd
[root@lianxi ~]# ll /usr/bin/passwd
-rwxr-xr-x. 1 root root 27832 Jun 10  2014 /usr/bin/passwd
and try again as the ordinary user:
[laow@lianxi ~]$ passwd
Changing password for user laow.
Changing password for laow.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: Authentication token manipulation error
It fails with "Authentication token manipulation error": passwd now runs with laow's own UID and cannot write the password database, which only root may modify. With the s bit set, the process runs with the effective UID of the file's owner (root), so the write succeeds. That is what SUID means: the program temporarily borrows the owner's privileges.

SGID permission

[root@lianxi ~]# ll /usr/bin/locate
-rwx--s--x. 1 root slocate 40520 Apr 10  2018 /usr/bin/locate
Here the s sits in the group's execute position and the file's group is slocate: the set-group-ID bit is set, so whoever runs locate gets the slocate group's effective GID:
[laow@lianxi /]$ locate *.txt
/etc/pki/nssdb/pkcs11.txt
/usr/lib/firmware/TDA7706_OM_v2.5.1_boot.txt
/usr/lib/firmware/TDA7706_OM_v3.0.2_boot.txt
/usr/lib/firmware/ivtv-firmware-license-end-user.txt
/usr/lib/firmware/ivtv-firmware-license-oemihvisv.txt
/usr/lib/firmware/ar3k/1020200/RamPatch.txt
/usr/lib/firmware/ar3k/1020201/RamPatch.txt
/usr/lib/firmware/ar3k/30000/RamPatch.txt
/usr/lib/firmware/ar3k/30101/RamPatch.txt
/usr/lib/firmware/ar3k/30101coex/RamPatch.txt
/usr/lib/firmware/ath10k/QCA4019/hw1.0/notice_ath10k_firmware-5.txt
/usr/lib/firmware/ath10k/QCA6174/hw2.1/notice_ath10k_firmware-5.txt
/usr/lib/firmware/ath10k/QCA6174/hw3.0/notice_ath10k_firmware-4.txt
/usr/lib/firmware/ath10k/QCA6174/hw3.0/notice_ath10k_firmware-6.txt
/usr/lib/firmware/ath10k/QCA9377/hw1.0/notice_ath10k_firmware-5.txt
/usr/lib/firmware/ath10k/QCA9887/hw1.0/notice_ath10k_firmware-5.txt
Running as the ordinary user laow, locate can read the database /var/lib/mlocate/mlocate.db, which is readable only by root and the slocate group, because the process carries the slocate group's privileges. (Quote the pattern, locate '*.txt', so the shell does not expand it against the current directory first.)
[root@lianxi ~]# chmod g-s /usr/bin/locate
[root@lianxi ~]# ll /usr/bin/locate
-rwx--x--x. 1 root slocate 40520 Apr 10  2018 /usr/bin/locate
Remove the bit and try again:
[laow@lianxi /]$ locate *.txt
locate: can not stat () `/var/lib/mlocate/mlocate.db': Permission denied
Permission denied: without the SGID bit, locate runs with laow's own groups, which are not allowed to read the database.

In both cases the program temporarily borrows some of the privileges of the file's owner (SUID) or group (SGID), and only for the duration of that one process.
The same access could also be granted with an ACL (setfacl) instead of a set-ID bit. Either way the rule is least privilege: grant users exactly the permissions they need and nothing more.
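Two practical checks follow from the passwd and locate demonstrations above: reading the s/S letters that ll prints in the owner and group columns, and finding every file on a system that carries a set-ID bit so that nothing keeps one it does not need. The script below is an added example, not part of the original post; the function names (decode_mode, file_special, audit_special) and the scratch files are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): decode the s/S/t letters that
# "ls -l" prints and audit a directory tree for SUID/SGID files.

# decode_mode MODESTRING
# Takes the 10-character mode field from "ls -l" (a trailing "." for an
# SELinux context, as in "-rwsr-xr-x.", is ignored).
#   column 4  = owner execute slot:  s / S  -> set-user-ID
#   column 7  = group execute slot:  s / S  -> set-group-ID
#   column 10 = others execute slot: t / T  -> sticky
# A capital letter means the special bit is set but the execute bit is not,
# which is almost always a misconfiguration worth flagging.
decode_mode() {
    m=$1
    r=""
    case $(printf '%s' "$m" | cut -c4) in
        s) r="$r suid" ;;
        S) r="$r suid-noexec" ;;
    esac
    case $(printf '%s' "$m" | cut -c7) in
        s) r="$r sgid" ;;
        S) r="$r sgid-noexec" ;;
    esac
    case $(printf '%s' "$m" | cut -c10) in
        t) r="$r sticky" ;;
        T) r="$r sticky-noexec" ;;
    esac
    r=${r# }                      # drop the leading separator
    printf '%s\n' "${r:-none}"
}

# file_special PATH
# Same report for a real file: take the mode field from "ls -ld".
file_special() {
    decode_mode "$(ls -ld -- "$1" | cut -c1-10)"
}

# audit_special DIR
# Print "ls -ld" lines for every regular file under DIR that has the SUID or
# SGID bit set. "-perm -4000" matches files with at least the set-user-ID
# bit, "-perm -2000" at least the set-group-ID bit; -xdev stays on one
# filesystem so /proc or bind mounts do not pollute the result.
audit_special() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec ls -ld -- {} \; 2>/dev/null
}

# Usage, matching the two files shown in the post:
#   decode_mode '-rwsr-xr-x.'   # -> suid   (passwd)
#   decode_mode '-rwx--s--x.'   # -> sgid   (locate)
#   audit_special /usr          # every SUID/SGID file under /usr
```

Run audit_special / on a freshly installed host and keep the list; anything that later appears in it and is not a known set-ID program (passwd, su, sudo, mount, the locate binary and a handful of others) is worth an explanation, and a capital S in its mode is a sign that somebody set the bit by hand and got it wrong.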