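// Demonstrates how the real, effective and saved user IDs of a set-user-ID
// program change across setuid()/setresuid(), and what each state allows:
// opening a protected file and running a helper program.

#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <iostream>
#include <string>

#include <fcntl.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

using namespace std;

/// Print one user ID, labelled by `which`, as a user name.
/// Falls back to the numeric ID when the passwd database has no entry for it.
void ReportUID(string which, uid_t value)
{
    // getpwuid() returns nullptr both on error and when no entry exists;
    // clearing errno first is the only way to tell the two cases apart.
    errno = 0;
    struct passwd *pwent = getpwuid(value);
    if (nullptr == pwent) {
        if (errno != 0) {
            perror("getpwuid");
        } else {
            cout << "\t" << which << ": " << value << " (no passwd entry)" << endl;
        }
        return;
    }
    cout << "\t" << which << ": " << pwent->pw_name << endl;
}

/// Print the real, effective and saved user IDs of the calling process.
/// Exits with status 1 if the IDs cannot be read.
void ReportUIDS(void)
{
    uid_t real, effective, saved;
    if (-1 == getresuid(&real, &effective, &saved)) {
        perror("getresuid");
        exit(1);
    }
    ReportUID("Real", real);
    ReportUID("Effective", effective);
    ReportUID("Saved", saved);
    cout << endl;
}

/// Try to open "restrictedFile" read-only and report whether the current
/// effective UID is allowed to.
void TrialAccess()
{
    cout << "\tAttempting to open restrictedFile " << endl;
    const int fd = open("restrictedFile", O_RDONLY);
    if (fd == -1) {
        perror("\tOPEN of restrictedFile FAILED");
    } else {
        cout << "\trestrictedFile opened" << endl;
        // Close only a descriptor that was actually obtained; close(-1)
        // fails with EBADF and would overwrite errno for no reason.
        close(fd);
    }
    cout << endl;
}

/// Fork and exec the helper "myid" so the IDs the child inherits are visible.
void TrialRun()
{
    int status = 0;
    cout << "\tRunning the id system call" << endl;
    switch (fork()) {
    case 0:
        // NOTE(review): "myid" is resolved relative to the current working
        // directory and runs with whatever effective UID this process holds
        // at the time. A real set-user-ID program should exec an absolute,
        // trusted path, and only after dropping privileges.
        execl("myid", "myid", nullptr);
        perror("\tExec");
        // _exit() instead of exit(): the child must not run the parent's
        // atexit handlers or flush the stdio buffers it inherited.
        _exit(1);
    case -1:
        perror("\tFork");
        break;
    default:
        if (wait(&status) == -1) {
            perror("\tWait");
        }
    }
    cout << endl;
}

/// Walk through temporary and permanent privilege drops, reporting the IDs
/// and retrying the file access and the helper after every change.
///
/// Every set*uid() call is checked. An ignored failure leaves the process
/// running with the privileges it believed it had given up, which is the
/// classic unchecked-setuid defect. This demo only reports the error and
/// continues; code that drops privileges for real must treat a failure as
/// fatal, and must also drop group IDs (setgroups/setresgid) before the UID.
int main()
{
    const uid_t real = getuid();
    const uid_t effective = geteuid();

    cout << "At program start " << endl;
    ReportUIDS();
    TrialAccess();
    TrialRun();

    // For an unprivileged set-user-ID program, setuid() changes only the
    // effective UID; the saved set-user-ID keeps the original value, which
    // is what makes the revert further down possible. If the effective UID
    // is 0, setuid() sets all three IDs and the revert fails.
    cout << "Calling setuid(" << getuid() << ")" << endl;
    if (setuid(real) == -1) {
        perror("setuid");
    }
    cout << "\t Things should go wrong now ..... " << endl;
    ReportUIDS();
    TrialAccess();
    TrialRun();

    cout << "Reverting to " << effective << endl;
    if (setuid(effective) == -1) {
        perror("setuid");
    }
    ReportUIDS();
    TrialAccess();
    TrialRun();

    // Setting real, effective and saved together is the permanent drop:
    // no ID is left from which the old effective UID could be regained.
    cout << "Changing all three" << endl;
    if (setresuid(real, real, real) == -1) {
        perror("setresuid");
    }
    ReportUIDS();
    cout << "\t Things should go wrong now ..... " << endl;
    TrialAccess();
    TrialRun();

    // Expected to fail after a successful permanent drop (unless the real
    // and effective UIDs were the same to begin with).
    cout << "Trying to revert back to effective" << endl;
    if (setuid(effective) == -1) {
        perror("Setuid");
    }
    return 0;
}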