Set another userid to current process

Question

I want to set current process's effective uid to other user's uid (or a arbitrary value).

struct passwd* pwHost = getpwnam(hostName);//hostName is another user's name
struct passwd* pwGuest = getpwnam(guestName);//guestName is the current log-in user's name
if(pwHost==NULL||pwGuest==NULL)
{
    printf("User cannot be found\n");
    exit(0);
}

//setresuid(pwGuest->pw_uid, pwHost->pw_uid, pwGuest->pw_uid);//change the effective uid of current process to the host uid
setresuid(1000, 1000, 1000);//change current process's uid to a arbitrary value
printf("Host uid: %u\n", pwHost->pw_uid);
printf("Guest uid: %u\n", pwGuest->pw_uid);

static uid_t euid, ruid, suid;
getresuid(&euid, &ruid, &suid); 
printf("euid: %u\n", euid);
printf("ruid: %u\n", ruid);
printf("suid: %u\n", suid);
printf("Set permission complete\n");

Result:

Host uid: 35917
Guest uid: 35917
euid: 35917
ruid: 35917
suid: 35917

However, it seems like none of them has been changed yet. I looked-up the manual, which explains that user needs a privilege or something I don't quite understand. Could anyone give me some hints of how to achieve my goal? Thanks a lot.

Answer 1

In addition to the code you have, you will need to set the file permissions to indicate the executable has setuid permissions. This can be done with;

chmod +s exec

This allows any random user to execute the program using the privilege of the owner of the executable. If the owner of the executable is root, this can bypass many security features, allowing for dangerous results.

Here's a link to page with more details on the setuid and setgid file permissions.

Answer 2

In general, only a root process can change its uid to another uid.

Userids are fundamental building blocks of the POSIX security model. If a regular process could change its userid, there will be no point to having userids in the first place. Any process could change its uid, and overwrite any file or directory owned by another userid.