COPS security audit and the unix pc.

Chris Lewis clewis at ferret.ocunix.on.ca
Sun Apr 7 14:02:25 AEST 1991


In article <580 at iczer-1.UUCP> emm at iczer-1.UUCP (Edward M. Markowski) writes:
>In article <1991Apr03.201214.8915 at ferret.ocunix.on.ca> clewis at ferret.ocunix.on.ca (Chris Lewis) writes:
>|In article <563 at iczer-1.UUCP> emm at iczer-1.UUCP (Edward M. Markowski) writes:
>|It's in the defs.h for B news.  However, it won't work on System V systems
>|because of the way setuid/setgid programs, setuid()/setgid() and mkdir
>|works.  (as in, if a setuid program calls mkdir, the directory ends up
>|being owned by the real user not the effective, rnews can't write
>|into it, and there's no "elegant" way around it in System V)  Which is why
>|C-news goes to all of the kludgey junk for the "setnewsids" program which
>|runs as setuid root to run relaynews properly.

>|Bnews has no such kludge, though you could retrofit setnewsids if you wanted.

>It works here.  I have a 3B1, which is running System V, and I do not seem
>to have that problem.

I just went back and ran some tests with 2.11 PL 19.  And sure nuff, it does work.

It didn't work back in 2.10.x days which I guess is why I thought
it still didn't in 2.11.  It works by chmod 777'ing the parent, mkdir'ing the
directory, owned by the real id (not news), and then "giving it away" to news and
then resetting the parent.  Urgh.  Still wouldn't work in some versions of
UNIX (eg: V7 where chown is usually disabled).  This mechanism wouldn't
work in BSD, but in BSD you can setuid(geteuid()).  C-news uses a simpler
approach by doing a setuid(geteuid()) on all of relaynews, which can't be
done on System V, so the setnewsids program does it as setuid root (via
an equivalent of setuid(getpwnam("news")->pw_uid)) and then exec'ing relaynews.
-- 
Chris Lewis,
clewis at ferret.ocunix.on.ca or ...uunet!mitel!cunews!latour!ecicrl!clewis
Psroff support: psroff-request at eci386.uucp, or call 613-832-0541 (Canada)
**** somebody's mailer is appending .bitnet to my From: address.  If you
see this, please use the address in the signature, and send me a copy
of the headers of the mail message with the .bitnet return address.  Thanks!
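
Added example (editor's code, not B news, C news or the setnewsids program): the two
mechanisms the message describes for getting directories owned by the news account,
and the ownership check that tells you which behaviour your kernel has.  Assumed: a
system with a native mkdir(2) (Linux, BSD); a "news" account only if you pass one on
the command line; the /tmp path is constructed for the demonstration.  The B news
chmod 777 / mkdir / chown dance is not reproduced.  Note that setuid(geteuid()) only
makes the real uid follow the effective uid on 4.3BSD; on POSIX saved-set-uid systems
(Linux, System V) an unprivileged setuid program can only change its effective uid
with setuid(), so the example uses setreuid() to set both.

```c
/* Added example (not news code).  Assumes a system with a native mkdir(2). */
#define _GNU_SOURCE 1          /* declares setreuid() and initgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Approach 1 (C news on BSD): make the real uid equal the effective uid so
 * everything the program does, mkdir included, is done as the setuid owner.
 * setuid(geteuid()) does this on 4.3BSD; on saved-set-uid systems a non-root
 * process can only change its effective uid that way, hence setreuid().
 * Returns 0 when both ids now equal the former effective uid, -1 otherwise. */
int become_euid(void)
{
    uid_t e = geteuid();
    if (setreuid(e, e) != 0)
        return -1;
    return (getuid() == e && geteuid() == e) ? 0 : -1;
}

/* Approach 2 (the setnewsids idea): a setuid-root wrapper becomes the named
 * user, then execs the real program.  Group ids are changed before the uid
 * because once the uid is no longer root they can no longer be changed.
 * Returns 0 on success, -1 if the user is unknown, a set*id call is refused,
 * or root could still be regained afterwards. */
int drop_to_user(const char *name)
{
    struct passwd *pw = getpwnam(name);
    if (pw == NULL)
        return -1;
    if (setgid(pw->pw_gid) != 0)
        return -1;
    if (geteuid() == 0 && initgroups(pw->pw_name, pw->pw_gid) != 0)
        return -1;                     /* drop root's supplementary groups */
    if (setuid(pw->pw_uid) != 0)
        return -1;
    /* Verify the drop: real and effective uid changed, root not regainable. */
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
        return -1;
    if (pw->pw_uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Create a directory and report who owns it: 1 if owned by the effective uid,
 * 0 if owned by someone else (the System V behaviour the message describes),
 * -1 if mkdir or stat failed.  The directory is removed again. */
int mkdir_owned_by_euid(const char *path)
{
    struct stat st;
    int owned;
    if (mkdir(path, 0755) != 0)
        return -1;
    if (stat(path, &st) != 0) {
        rmdir(path);
        return -1;
    }
    owned = (st.st_uid == geteuid());
    rmdir(path);
    return owned;
}

int main(int argc, char **argv)
{
    char path[64];
    /* Wrapper mode, e.g. "./a.out news /usr/lib/news/relaynews" (hypothetical
     * paths): drop to argv[1], then exec argv[2] and the rest of the line. */
    if (argc >= 3) {
        if (drop_to_user(argv[1]) != 0) {
            fprintf(stderr, "cannot become %s: %s\n", argv[1], strerror(errno));
            return 1;
        }
        execvp(argv[2], argv + 2);
        perror("exec");
        return 1;
    }
    /* Demonstration mode: apply approach 1, then check mkdir ownership. */
    if (become_euid() != 0)
        perror("setreuid");
    snprintf(path, sizeof path, "/tmp/newsdir.%ld", (long)getpid());
    printf("real uid %ld, effective uid %ld, mkdir owned by euid: %d\n",
           (long)getuid(), (long)geteuid(), mkdir_owned_by_euid(path));
    return 0;
}
```

Run it without arguments as an ordinary user to see the ownership check; installed
setuid root and given a user name plus a command, it behaves like the wrapper described
above.  A result of 0 from mkdir_owned_by_euid() is exactly the System V problem the
message talks about, and the setnewsids-style wrapper is the way around it.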



More information about the Comp.sys.3b1 mailing list