0
votes

I realised I've missed a subtlety with user IDs (UID) and effective user IDs (EUID) and need some clarification. N.B. I'm working on macOS, although I suspect everything makes sense in a Linux world as well.

I've created a binary and set the setuid bit on it (with chmod +s). If I run this binary and log the values from getuid() and geteuid() then I see UID=501 (my regular user) and EUID=0 (root). I can further call setuid(0) to set UID=0.

My question is, when would I need to do that? i.e. What can my process do with (UID, EUID)=(0,0) that it can't do with (UID, EUID)=(501,0)?

1
The former can run off filesystems mounted with nosuid... – Mark Setchell

1 Answer

0
votes

Normally when you run a binary, it runs as you, i.e. your UID. When you setuid, the binary no longer runs as you, but as the owner of the file. In this case that user is root.

root (uid=0) can do just about anything, including changing their own UID. There shouldn't be any difference between (0,0) and (501,0) except... One is YOU running something as root and the other is root running something as root. Essentially, it makes you root.
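
An added example (not part of the original question or answer) that probes one place where the real and effective UID are consulted separately: access(2) checks permissions against the real UID, while open(2) checks against the effective UID. The default path `/etc/sudoers` and the names `probe_read` and `ids_are_split` are assumptions for illustration; pass any root-only file as the first argument.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Result of probing one path with both kinds of permission check. */
struct probe {
    int real_ok;      /* access(2): checked against the REAL uid/gid      */
    int effective_ok; /* open(2):   checked against the EFFECTIVE uid/gid */
};

/* Ask the kernel the same question twice: "may I read this path?" */
struct probe probe_read(const char *path)
{
    struct probe p;
    p.real_ok = (access(path, R_OK) == 0);
    int fd = open(path, O_RDONLY);
    p.effective_ok = (fd >= 0);
    if (fd >= 0)
        close(fd);
    return p;
}

/* 1 when real and effective UID differ, the state a setuid binary starts in. */
int ids_are_split(void)
{
    return getuid() != geteuid();
}

int main(int argc, char **argv)
{
    /* Assumed default path: any file that only root can read will do. */
    const char *path = argc > 1 ? argv[1] : "/etc/sudoers";

    struct probe before = probe_read(path);
    printf("uid=%d euid=%d split=%d access=%d open=%d\n",
           (int)getuid(), (int)geteuid(), ids_are_split(),
           before.real_ok, before.effective_ok);

    /* With euid 0, setuid(0) also sets the real and saved UID to 0. */
    if (geteuid() == 0 && setuid(0) == 0) {
        struct probe after = probe_read(path);
        printf("uid=%d euid=%d split=%d access=%d open=%d\n",
               (int)getuid(), (int)geteuid(), ids_are_split(),
               after.real_ok, after.effective_ok);
    }
    return 0;
}
```

Built, owned by root and given the setuid bit as in the question, the program prints one line for the (501,0) state and one for (0,0); run without the setuid bit it prints a single line in which both checks agree.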