From: Alexander Bokovoy <a.bokovoy@sam-solutions.net>
To: devel@altlinux.ru
Subject: Re: [devel] BTE
Date: Wed, 11 Dec 2002 16:07:36 +0200
Message-ID: <20021211140735.GD8888@sam-solutions.net>
In-Reply-To: <20021210110230.GJ18440@basalt.office.altlinux.ru>
[-- Attachment #1: Type: text/plain, Size: 1179 bytes --]
On Tue, Dec 10, 2002 at 02:02:30PM +0300, Dmitry V. Levin wrote:
> > > > > But I have it even harder than you: BTE runs with user
> > > > > privileges. ;-)
> > > > Ours also runs with user privileges (since spring). So I don't
> > > > understand what this argument is for.
> > > Your version of BTE installs packages with root privileges, which is insecure.
> > Any ideas on how to use the chroot command without the corresponding privileges?
>
> There is an idea to use chrootuid.
There is an idea to look at this chrootuid more closely. I have never
seen such a travesty. A patch curing the travesty is attached. The packages
(chrootuid-1.3-alt2) have already been sent to devel:/incoming/Sisyphus/BTE.
A few words on why syslog should not be used here. Since
chroot(1) and su(1) write errors to stderr, I see no need for
a utility that combines them to write anywhere other than stderr. Moreover, evidently
it was precisely writing to syslog instead of stderr that led to the second blunder,
which I called a "travesty" above, being overlooked. Although, then again, what else
would you call fundamentally wrong behaviour in a "secure" program?
--
/ Alexander Bokovoy
---
Nobody knows what goes between his cold toes and his warm ears.
-- Roy Harper
[-- Attachment #2: chrootuid-1.3-alt.patch --]
[-- Type: text/plain, Size: 2628 bytes --]
--- chrootuid-1.3/chrootuid.c.orig 2002-12-11 15:28:44 +0200
+++ chrootuid-1.3/chrootuid.c 2002-12-11 15:42:57 +0200
@@ -50,9 +50,11 @@
#include <unistd.h>
#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
#include <pwd.h>
#include <grp.h>
-#include <syslog.h>
int main(argc, argv)
int argc;
@@ -65,12 +67,6 @@
* require only two arguments.
*/
-#ifdef LOG_DAEMON
- (void) openlog(argv[0], LOG_PID | LOG_NDELAY, LOG_DAEMON);
-#else
- (void) openlog(argv[0], LOG_PID);
-#endif
-
/*
* Require proper amount of arguments. In all cases of error, exit with
* zero status because we have already reported the problem via syslogd.
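Review bot: The comment left as context at the end of this hunk ("exit with zero status because we have already reported the problem via syslogd") becomes stale once openlog() is removed and the following hunks return 1 after printing to stderr. Update it to say that errors are written to stderr and the exit status is non-zero, so the comment does not contradict the code.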
@@ -78,44 +74,44 @@
*/
if (argc < 4) {
- syslog(LOG_ERR, "usage: %s path user command", argv[0]);
- return (0);
+ fprintf(stderr,"usage: %s path user command\n", argv[0]);
+ return (1);
}
/* Must step into the new subtree. */
if (chdir(argv[1])) {
- syslog(LOG_ERR, "chdir(%s): %m", argv[1]);
- return (0);
+ fprintf(stderr, "chdir(%s): %s\n", argv[1], strerror(errno));
+ return (1);
}
/* The user must be known in the *unrestricted* universe... */
if ((pwd = getpwnam(argv[2])) == 0) {
- syslog(LOG_ERR, "%s: user unknown", argv[2]);
- return (0);
+ fprintf(stderr, "%s: user unknown\n", argv[2]);
+ return (1);
}
/* initgroups() accesses the group file in the unrestricted universe... */
if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) {
- syslog(LOG_ERR, "initgroups: %m");
- return (0);
+ fprintf(stderr, "initgroups: %s\n", strerror(errno));
+ return (1);
}
endgrent();
/* Do the chroot() before giving away root privileges. */
if (chroot(argv[1])) {
- syslog(LOG_ERR, "chroot(%s): %m", argv[1]);
- return (0);
+ fprintf(stderr, "chroot(%s): %s\n", argv[1], strerror(errno));
+ return (1);
}
/* Switch group id then user id. */
if (setgid(pwd->pw_gid)) {
- syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid);
- return (0);
+ fprintf(stderr, "setgid(%d): %s\n", pwd->pw_gid, strerror(errno));
+ return (1);
}
if (setuid(pwd->pw_uid)) {
- syslog(LOG_ERR, "setuid(%d): %m", pwd->pw_uid);
- return (0);
+ fprintf(stderr, "setuid(%d): %s\n", pwd->pw_uid, strerror(errno));
+ return (1);
}
/* In case we still have the /etc/passwd file still open. */
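Review bot: chroot(argv[1]) in the unchanged context runs after chdir(argv[1]) has already succeeded, so a relative path is resolved a second time from inside the new directory and either fails or picks a nested directory as the root. Since the patch already touches every error path in this block, it is a good place to switch the call to chroot("."). Separately, the new setgid and setuid messages print pwd->pw_gid and pwd->pw_uid with %d; casting to long and using %ld avoids a format mismatch on systems where gid_t and uid_t are not int.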
@@ -124,6 +120,6 @@
/* Run the command and hope for the best. */
(void) execv(argv[3], argv + 3);
- syslog(LOG_ERR, "%s: %m", argv[3]);
- return (0);
+ fprintf(stderr, "%s: %s", argv[3], strerror(errno));
+ return (1);
}
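Review bot: The fprintf added after execv uses the format "%s: %s" without a trailing newline, unlike every other message this patch introduces, so the error text will run into whatever the caller prints next. Change it to "%s: %s\n".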