Setuid bit on python script : Linux vs Solaris

Eric picture Eric · Nov 29, 2011 · Viewed 20.1k times · Source

I am running this small python script on both linux and Solaris as a not privileged user :

#!/usr/bin/python
import os
print 'uid,euid =',os.getuid(),os.geteuid()

Before running, the setuid bit is set on the script (not on python interpreter) :

chown root:myusergrp getuid.py
chmod 4750 getuid.py

On Solaris, the effective uid is set because of the setuid bit :

uid,euid = 10002 0

But not on Linux :

uid,euid = 10002 10002

Note the python version is 2.6 for both Solaris and Linux

Is it possibe to have Python Linux working as Python Solaris ?

Answer

David K. Hess picture David K. Hess · Nov 29, 2011

Most Unix distributions normally don't allow you to use setuid on a file that uses a #! interpreter. Solaris happens to be one that allows it due to its use of a more secure implementation than most other distributions.

See this FAQ entry for more background about why the mechanism is so dangerous: How can I get setuid shell scripts to work?

See this link for more discussion and how to compile a setuid executable that will run your script: setuid on shell scripts

The pertinent part:

int main()
{
   setuid( 0 );
   system( "/path/to/script.sh" );

   return 0;
}