home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.unix.programmer:5217 comp.mail.mh:1268
- Newsgroups: comp.unix.programmer,comp.mail.mh
- Path: sparky!uunet!pipex!warwick!coventry!champion
- From: champion@cch.coventry.ac.uk (Alun)
- Subject: Re: setuid programs and calls...
- Message-ID: <BxG21C.n38@cck.coventry.ac.uk>
- Sender: news@cck.coventry.ac.uk (news user)
- Nntp-Posting-Host: cc_sysh
- Organization: Coventry University, Coventry, UK.
- References: <1992Nov5.220832.3217@spectrum.xerox.com> <1992Nov9.031112.21835@spectrum.xerox.com>
- Date: Mon, 9 Nov 1992 10:19:59 GMT
- Lines: 41
-
- In article <1992Nov9.031112.21835@spectrum.xerox.com> leisner.henr801c@xerox.com writes:
- ~Well, I think what I'm doing now works...
- ~
- ~ #include <stdio.h>
- ~
- ~ main()
- ~ {
- ~ int i;
- ~
- ~ if(0 != setruid(220)) {
- ~ perror("Can't set real uid");
- ~ exit(2);
- ~ }
- ~
- ~ /* this runs setuid on the destination mailfile account UID */
- ~ i = system("inc +zombi -file /net/zombi/files5/spool/mail/leisner -truncate");
- ~ system("id");
- ~ exit(i);
- ~ }
- ~
- ~I found I have to be setuid to root and change the real ID -- just changing
- ~the effective UID will let me read the remote mail file, but not truncate it.
-
- I didn't see the beginning of this thread so I don't know exactly what
- you are trying to do.
- But doesn't system(arg) runs "sh -c arg" and therefore has some of the security
- problems of a setuid shell script. You have not specified the full path to
- "inc" so someone could write their own version of "inc" and as long as the
- environment variable $PATH was configured properly it would run their version
- of "inc" and not the intended on - same with "id".
- Even if you did specify the full path it would still be susceptible to attacks
- with $IFS.
-
- If security is not a problem ignore this article. :-}
-
-
- -Alun
-
- --
- A.Champion | That's an interesting point, in the sense of
- (champion@uk.ac.cov.cck) | being very not interesting at all. - The Liar
-
