Why su Must Be Setuid (SUID) to Function Correctly

1. Introduction

The su (substitute user) command allows a user to switch to another user account (typically root) without logging out. For su to work as intended, it must have the SUID (Set User ID) bit set. This article explains why this permission is critical and what happens if it’s missing.

2. Quick Recap: What is SUID?
SUID is a special file permission (rwsr-xr-x or 4755). When an executable with SUID runs, it executes with the file owner’s privileges, not the invoking user’s. For su, the owner is root.

3. Why SUID is Necessary for su

Core Reason: Privilege Escalation
Normal users cannot read /etc/shadow (where password hashes are stored) or change UIDs. To switch to another user, su must:
  - Authenticate the user (verify the target user’s password).
  - Start a new shell with that user’s UID/GID.
Without SUID:
su would run with the caller’s permissions → can’t access /etc/shadow → can’t verify passwords → can’t switch users.
Step-by-Step Mechanism
  1. User runs su → process starts with user’s UID (e.g., bob).
  2. SUID bit detected → kernel temporarily changes effective UID to file owner (root).
  3. su reads /etc/shadow to validate password.
  4. If correct, su sets real/effective UID to target user (e.g., root or alice).
  5. Spawns a new shell with those credentials.
Without SUID, step 3 fails with permission denied.











