How can you know if executing a program requires root?

Solution 1:

Sometime, it's in the code. For example, midway of hwclock.c, you'll find:

if (getuid() == 0)
            permitted = TRUE;
else {
            /* program is designed to run setuid (in some situations) */
            if (set || systohc || adjust) {
                    warnx(_("Sorry, only the superuser can change "
                            "the Hardware Clock."));
[...]

which will change the behavior of the program if you're root or not.

In most other cases, it's implicit; delegated to the kernel. For example, if the program calls the system call that let you reboot the system, it will work only if you are root. If you are not root, you will have a "permission denied" error that the application (if well written) simply reports to you. Or you are trying to delete a file; if you have the right permission on the file to do it, it will succeed; if not, it depends if you are root or not --- when rm calls unlink() the kernel will check permissions.

So no, in principle you can't say just looking at the permission of the executable if the program requires root privileges or not. A lot of programs will require them only for some operation, so it will be really difficult to do something like that. The case of hwclock is one (anyone can read the clock but only root can set it), but there are hundreds of them (kill, rm, cat... )

Then there is the related and interesting world of setuid programs...