Brian J. Beesley writes:
On 15 Apr 00, at 4:22, Henrik Olsen wrote:
> I just tried downloading 20.3, both mprime and sprime, as well as tried
> with mprime 19.0.2 . None of them where able to detect the network as
> being available on a machine running Mandrake Linux, kernel version
> 2.2.14-15mdksecure, probably due to /proc/net not being readable by
> non-root on such a system, which is a bit of a bummer, as I as I don't
> want to have to run it as root. :(
1) Install mprime with suid privelege. This should enable mprime to
read /proc/net as though it were running under root even though it's
actually running under an unpriveleged user.
As Henrik later points out, this is _not_ a good idea. I'm sure we
all trust George - or we wouldn't be running his binaries - but he is
not a Linux security expert, and even I wouldn't do this and I've not
only read the source code, I've worked with UNIX security since 1980
and I see nothing wrong with the code in the security sense.
Besides, there are other solutions. Which is, by the way, the first
"test" that setuid should not be used: it should only be used as a
last resort, after just about everything else has been tried.
2) Get out your hacker's hat and fix the problem in the source code.
The first time I read this, I thought you meant the Prime95 source
code. That's certainly where I'd look first.
I'd guess that all you need to change is the code which creates the
/proc pseudofilesystem at boot time. As you've probably found, you
don't seem to be able to change the permissions on "files" in the
/proc tree on a running system - even if you _are_ root.
I would guess that there are good reasons that the authors wrote it
this way. In any case, it's much easier to fix this in Prime95.
3) Is Mandrake really linux, or just a linux clone? I think the
latter. If I'm right, then perhaps switching to a genuine linux (Red
Hat, or SuSe) might be a sensible thing to do. Though the official
Red Hat distribution retail package is expensive, you can get just
the CD for about $2, or download the distribution FoC (not
reccomended unless you have fast internet access!)
This also would be a lot of work and may not even be an option for
many people. So:
4. Look at the Prime95 source code (well, for version 19.1 anyway,
which is the one I've got unpacked on my system presently) near line
761 of linux/primenet.c, where there's an fopen("/proc/net/route",
"r") inside an #ifdef __linux__. Look lower down, after the #endif,
and note that __FreeBSD__ doesn't have a similar check; it simply
always returns TRUE. Looks to me like it would be very simple to add
a check for the fopen() failing due to permissions or whatever under
Linux and return TRUE (i.e., that the system is connected to the
network), perhaps based on a new flag in one of the .ini files.
In fact, always returning TRUE from that function is not that big a
deal; if TRUE is returned when FALSE is correct, all that will happen
is that the later call to connect() - to actually try to connect to
Primenet - will fail and Prime95 will complain to the log file and
screen. I see such complaints all the time on my Win98 machines and
my new Debian Linux machine (which is running the unmodified RedHat
Linux mprime binary just fine, as far as I can tell).
Will
_________________________________________________________________
Unsubscribe & list info -- http://www.scruz.net/~luke/signup.htm
Mersenne Prime FAQ -- http://www.tasam.com/~lrwiman/FAQ-mers
