You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have an executable that uses shellfn::shell to execute a command and the executable has the SUID bit set, but the euid does not get preserved in the shell, whereas it does with the std library subprocess.
to test this I wrote an executable that does this:
and then wrote an executable to shell out and call it:
use shellfn::shell;
use nix::unistd::{getuid, geteuid};
fn main() {
println!("euid {:?} {:?}", getuid(), geteuid());
let info = _info().unwrap();
//let info = _info2();
println!("subprocess {}", info);
}
#[shell]
fn _info() -> Result<String, Box<std::error::Error>> { r#"
./subpuid
"# }
fn _info2() -> String {
let output = std::process::Command::new("./subpuid")
.output()
.expect("failed to execute process");
let scow = String::from_utf8_lossy(&output.stdout);
let mut op = String::new();
op.push_str(&scow);
op
}
If you change the owner on the main command and set its euid bit (chmod u+s fllename) then run it, you will see that the EUID gets lost when compiled with _info but not _info2.
The text was updated successfully, but these errors were encountered:
I have an executable that uses shellfn::shell to execute a command and the executable has the SUID bit set, but the euid does not get preserved in the shell, whereas it does with the std library subprocess.
to test this I wrote an executable that does this:
and then wrote an executable to shell out and call it:
If you change the owner on the main command and set its euid bit (chmod u+s fllename) then run it, you will see that the EUID gets lost when compiled with _info but not _info2.
The text was updated successfully, but these errors were encountered: