jac*_*hab 12 linux security privileges process
在 Linux 上,如何从命令行更改正在运行的进程的 EUID(前提是我具有 root 访问权限)?
Kje*_*sen 17
如果进程以 root-privileges 运行,您可以将 gdb 附加到进程并从该进程内调用 seteuid 。
例子:
[root@user-desktop ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:system_r:unconfined_t
[root@user-desktop ~]# gdb /bin/bash $$
GNU gdb Fedora (6.8-27.el5)
# cut copyright & license statements
This GDB was configured as "x86_64-redhat-linux-gnu"...
# cut some initialization output
0x00000036b0a99335 in waitpid () from /lib64/libc.so.6
(gdb) call seteuid(500)
$1 = 0
(gdb) quit
The program is running. Quit anyway (and detach it)? (y or n) y
Detaching from program: /bin/bash, process 29017
[root@user-desktop ~]# id
uid=0(root) gid=0(root) euid=500(user) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=user_u:system_r:unconfined_t
| 归档时间: |
|
| 查看次数: |
17249 次 |
| 最近记录: |