[CONTACT]

[ABOUT]

[POLICY]

[ADVERTISE]

Aucbvax.fa.wizardsutzoo!decvax!

Found at: gopher.quux.org:70/Archives/usenet-a-news/FA.unix-wizards/81.10.15_ucbvax.4483_fa.unix-wizards.txt

Aucbvax.4483
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Oct 15 23:58:45 1981
Getting around mkdir on setuid programs
>From MathStat.jmrubin@Berkeley Thu Oct 15 20:40:40 1981
	This refers to a letter of mark@berkeley referring to the
fact that when a setuid program forks mkdir, mkdir checks the real
uid in figuring out permissions and ownership.
	One way to do it (and I am not sure this is all that good) is to
run the program setuid root, and then, instead of forking mkdir, simply
copy the appropriate part of the code for mkdir.  (mknod, et. al.)
root can then chown and chmod the directories as appropriate.  If one
is paranoid, one can setuid to a more restrictive user as soon as it is
clear that a restricted system call won't be necessary.
	Alternatively, instead of running mkdir directly, you could fork
a setuid root program in a directory only accessible to the euid of the
original program which
	(1) setuid's to 0
	(2) forks mkdir
	(3) chowns the directories if necessary.  (if this last
step isn't necessary, another fork probably isn't necessary)
	One of Mark's suggestions was to permit setuid(geteuid())
in the kernel.  I don't think this would cause any a priori
security breeches, but it might require more care in programming.
					Joel Rubin
-----------------------------------------------------------------
 gopher://quux.org/ conversion by John Goerzen <jgoerzen@complete.org>
 of http://communication.ucsd.edu/A-News/
This Usenet Oldnews Archive
article may be copied and distributed freely, provided:
1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:
The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 
 Bruce Jones, Henry Spencer, David Wiseman.


AD:

NEW PAGES:

[ODDNUGGET]

[GOPHER]