When a setuid program is run, are the permission bits for the owner technically rwx?
I was thinking that the first three permission bits were for the owner but thinking on it more if they were ---, this wouldn't make sense as a setUID program.
My understanding is the first three bits are for the user (i.e. the one currently logged in). Is this correct?
On
You can do this, it will run the program with the effective uid of the owner.
However, it just won't work as you expect for setuid root binaries invoked by root. This is because root doesn't honor permission bits on executables in the way that other users do. When root runs a program it will execute if any of user, group or other executable permissions are present. Given it can execute the file, it will honor the user-setuid bit (but root defaults to effective uid of 0 so its redundant):
Here are two examples:
root (which shows you can't prevent root from executing the program):$ cp /usr/bin/id .
$ sudo chown root ./id
$ sudo chmod u-rwx ./id
$ sudo ./id
uid=0(root) gid=0(root) groups=0(root)
$ sudo chmod u+s ./id
$ ls -l ./id
---Sr-xr-x 1 2 root tinkerer Dec 5 07:25 ./id
$ ./id -u
0
$ sudo ./id -u
0
bin (which shows it works exactly as you expect):$ cp /usr/bin/id .
$ sudo chown bin ./id
$ sudo chmod u-rwx ./id
$ sudo -u bin ./id
sudo: unable to execute ./id: Permission denied
$ sudo chmod u+s ./id
$ ls -l ./id
---Sr-xr-x 1 2 bin tinkerer Dec 5 07:30 ./id
$ ./id -u
2
$ sudo ./id -u
2
$ sudo -u bin ./id
sudo: unable to execute ./id: Permission denied
No.
When a setuid program is run, then (from chmod):
Nothing more, nothing less. The first three permission bits are for the owner, as you say. And yes, if the user did not have execute permission, that wouldn't make sense (and it wouldn't be an "executable file").
Is there a specific case you have in mind that you're having trouble testing?