On Wed, 7 Mar 2001, Catalin Muresan wrote:
>
> On Wed, Mar 07, 2001 at 12:50:40PM +0200, George CARAGEA wrote:
> > Vreau si eu sa fac un un script sau un programel C care sa fie executat
> > de un user oarecare, sa se suideze ca root si sa schimbe permisiile pe un
> > director. Uite sursa C:
> [snip]
> > Ce alte solutii exista?
>
> main(int argc, char **argv)
> {
> setreuid(0,0);
> sysexec char[1024];
> snprintf(sysexec, 1024, "/bin/chown -R cvs.cvs %s", argv[1]);
> system(sysexec);
> }
>
> recomand strace -f programel-setuid daca nu merge, desi ...
> parca nu poti face strace pe un setuid ...
>
Hmm. In pagina de la system zice : :))))
SYSTEM(3) Linux Programmer's Manual SYSTEM(3)
[stuff]
Do not use system() from a program with suid or sgid priv-
ileges, because strange values for some environment vari-
ables might be used to subvert system integrity. Use the
e�ex�xe�ec�c(3) family of functions instead, but not e�ex�xe�ec�cl�lp�p(3) or
e�ex�xe�ec�cv�vp�p(3). s�sy�ys�st�te�em�m(�()�) will not, in fact, work
properly from
programs with suid or sgid privileges on systems on which
/�/b�bi�in�n/�/s�sh�h is b�ba�as�sh�h version 2, since bash 2 drops privileges
on startup. (Debian uses a modified bash which does not
do this when invoked as s�sh�h.)
[stuff]
Deci? Fac cu system sau nu?
George Caragea - [EMAIL PROTECTED]
NetAdmin for The Numerical Methods Lab - lmn.pub.ro
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
