Created
July 30, 2014 10:46
-
-
Save BorePlusPlus/4f9b2b4cc687c05dbdfb to your computer and use it in GitHub Desktop.
Setuid/Getuid in golang
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ go build setuid.go | |
$ sudo su | |
[sudo] password for bore: | |
# chown root:root setuid | |
# chmod u+s setuid | |
$ ./setuid | |
Real UID: 1000 | |
Effective UID: 0 | |
Real UID: 1000 | |
Effective UID: 1000 | |
$ | |
// But if I use ps: | |
$ ps -eo euser,ruser,suser,comm | grep setuid | |
root bore root setuid | |
// After seven seconds it's still the same, even if golang reports changed effective UID | |
$ ps -eo euser,ruser,suser,comm | grep setuid | |
root bore root setuid | |
// C implementation behaves as expected | |
$ ps -eo euser,ruser,suser,comm | grep setuid | |
root bore root setuid | |
$ ps -eo euser,ruser,suser,comm | grep setuid | |
bore bore bore setuid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
void printdelay() | |
{ | |
printf("Current UID: %ld\n", (long) getuid()); | |
printf("Effective UID: %ld\n", (long) geteuid()); | |
fflush(stdout); | |
sleep(7); | |
} | |
int main(int argc, char *argv[]) | |
{ | |
printdelay(); | |
if (setuid(getuid()) == -1) { | |
printf("Error setting UID"); | |
exit(1); | |
} | |
printdelay(); | |
return 0; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"fmt" | |
"syscall" | |
"time" | |
"log" | |
"os" | |
) | |
func main() { | |
printdelay() | |
err := syscall.Setuid(syscall.Getuid()) | |
if err != nil { | |
log.Fatal(err) | |
os.Exit(1) | |
} | |
printdelay() | |
} | |
func printdelay() { | |
fmt.Printf("Real UID: %d\n", syscall.Getuid()) | |
fmt.Printf("Effective UID: %d\n", syscall.Geteuid()) | |
time.Sleep(7 * time.Second) | |
} | |
Linux can not be used,view:golang/go#1435
Mac is normal。
Hope to help latecomers。
As noted in that bug. This is fixed in go 1.16.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
thank god someone else is seeing this. I have started drinking heavily tonight becuase there is just no way this is real. I mean... what?!!?!?!?!?
Tested in 1.3.3 on Debian Wheezy and Ubuntu 14.10