获取当前进程保存的set-user-id
Get current process saved set-user-id
很明显如何获得真实用户ID(Process.uid) and effective user ID (Process.euid) of the current running process in Ruby with stdlib help. But I wonder where is a sibling method for the saved set-user-ID, something like Process.suid? There is only Process::UID.sid_available?方法,可以确定运行平台是否支持描述的功能。
好吧,你不会喜欢这个,但是 AFAICT,这是为进程获得 suid 的唯一方法。
suid = `ps -o pid,suid`[/(?<=^#{Process.pid}\s)\s*\d+/].strip
#⇒ "1000"
可能应该先检查 suid 是否可用。基本上,这个正则表达式搜索以当前进程' pid.
开头的行
The initial effective UID (as well as the saved UID) can be guessed here: since the file has the 'setuid' flag set, and is owned by the user 'anna', running it will create a process with the effective UID of the 'anna' user.
suid是文件的属性之一,所以我们可以只比较当前进程uid和文件所有者id
来自文档https://ruby-doc.org/core-1.9.3/File/Stat.html#method-i-owned-3F
您可以尝试使用统计中的此方法:
owned? → true or false
Returns true if the effective user id of the process is the same as the owner of stat.
Examples:
File.stat("testfile").owned? #=> true
File.stat("/etc/passwd").owned? #=> false
如果进程 uid 和文件所有者不相等,我们可能会说二进制文件有 suid,我们可以更好地确定我们是否有 suid 文档中的下一个方法:
https://ruby-doc.org/core-1.9.3/File/Stat.html#method-i-setuid-3F
setuid? → true or false
Returns true if stat has the set-user-id permission bit set, false if it doesn't or if the operating system doesn't support this feature.
File.stat("/bin/su").setuid? #=> true
很明显如何获得真实用户ID(Process.uid) and effective user ID (Process.euid) of the current running process in Ruby with stdlib help. But I wonder where is a sibling method for the saved set-user-ID, something like Process.suid? There is only Process::UID.sid_available?方法,可以确定运行平台是否支持描述的功能。
好吧,你不会喜欢这个,但是 AFAICT,这是为进程获得 suid 的唯一方法。
suid = `ps -o pid,suid`[/(?<=^#{Process.pid}\s)\s*\d+/].strip
#⇒ "1000"
可能应该先检查 suid 是否可用。基本上,这个正则表达式搜索以当前进程' pid.
The initial effective UID (as well as the saved UID) can be guessed here: since the file has the 'setuid' flag set, and is owned by the user 'anna', running it will create a process with the effective UID of the 'anna' user.
suid是文件的属性之一,所以我们可以只比较当前进程uid和文件所有者id
来自文档https://ruby-doc.org/core-1.9.3/File/Stat.html#method-i-owned-3F
您可以尝试使用统计中的此方法:
owned? → true or falseReturns true if the effective user id of the process is the same as the owner of stat. Examples:
File.stat("testfile").owned? #=> true
File.stat("/etc/passwd").owned? #=> false
如果进程 uid 和文件所有者不相等,我们可能会说二进制文件有 suid,我们可以更好地确定我们是否有 suid 文档中的下一个方法:
https://ruby-doc.org/core-1.9.3/File/Stat.html#method-i-setuid-3F
setuid? → true or falseReturns true if stat has the set-user-id permission bit set, false if it doesn't or if the operating system doesn't support this feature.
File.stat("/bin/su").setuid? #=> true