Re: suid problem
Lindsay Allen <[EMAIL PROTECTED]> writes: > Oh dear. I have just installed a complete Debian system for a new recruit > who is now 4 hours away by jet. Is there any automated way of finding > missing bits? Yes - track updates to 1.2 as they are released, 1.2.1, 1.2.2, etc. > Or what is my best course of action? Regarding this bug? It only manifests in 2.1 kernels, about 2.1.10 (not sure of the exact version), so just run a 2.0 kernel or apply the patch. Guy -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
> On Tue, 10 Dec 1996, Hamish Moffatt wrote: > > [8:03pm] [EMAIL PROTECTED]:/usr/X11R6/bin# ls -l XF86_S3 > > -rwxr-xr-x 1 root root 2025716 Nov 22 15:18 XF86_S3 > > Now X won't run, of course. > > Why not? > In debian, /usr/X11R6/bin/X is not a link to the Xserver but its a wrapper > program... Then the suid bit on my X binary went missing at some stage. Still a problem with losing suid bits. Thanks, hamish -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
On Tue, 10 Dec 1996, Hamish Moffatt wrote: > > [8:03pm] [EMAIL PROTECTED]:/usr/X11R6/bin# ls -l XF86_S3 > -rwsr-xr-x 1 root root 2025716 Nov 22 15:18 XF86_S3 > > [8:03pm] [EMAIL PROTECTED]:/usr/local/deb/x# dpkg -i xserver-s3_3.2-1.deb > (Reading database ... 22830 files and directories currently installed.) > Preparing to replace xserver-s3 3.2-1 (using xserver-s3_3.2-1.deb) ... > Unpacking replacement xserver-s3 ... > Setting up xserver-s3 (3.2-1) ... > > [8:03pm] [EMAIL PROTECTED]:/usr/X11R6/bin# ls -l XF86_S3 > -rwxr-xr-x 1 root root 2025716 Nov 22 15:18 XF86_S3 > > Now X won't run, of course. Why not? In debian, /usr/X11R6/bin/X is not a link to the Xserver but its a wrapper program... [EMAIL PROTECTED]:~# ls -la /usr/X11R6/bin/X -rwsr-xr-x 1 root root 4032 Nov 22 05:20 /usr/X11R6/bin/X which parses the /etc/X11/config file and then runs the X server which itself is not suid, so a user couldnt get around the /etc/X11/config Greg -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
Hamish Moffatt <[EMAIL PROTECTED]> writes: > In the past few weeks I've had a lot of problems with various > binaries losing their suid bits. This is bug 5479 in dpkg. It contains a patch which you can use until a new version of dpkg fixes it. Guy -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
On Tue, 10 Dec 1996 20:28:56 +1100 Hamish Moffatt ([EMAIL PROTECTED] rmit.edu.au) wrote: > H. I just reinstalled smail and the suid bit was maintained. > However the X (S3 server) package seems to be missing the suid bit. > Could be a bug, but the vga16 server has the same. Anyway, > this is wandering off the topic. No this is correct, the actual server XF86_* doesn't have any suid bit set, but the /usr/bin/X11/X wrapper is setuid root. Phil. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
> > In the past few weeks I've had a lot of problems with various > > binaries losing their suid bits. For example, I upgraded smail > > to the latest (package), and started getting errors from smail > > telling me it couldn't write to the paniclog. It wasn't suid, > > as it should've been. A few people have told me in mail that > > this is a Linux 2.1 bug. > > I don't think so. I suspect this is a bug in the version of dpkg > you're using. Please check if the setuid bit is set in the '.deb' > file: dpkg-deb --contents smail*deb; if it is, and it is not > present after "dpkg -i smail*deb", it is definitively a problem > with your dpkg version. H. I just reinstalled smail and the suid bit was maintained. However the X (S3 server) package seems to be missing the suid bit. Could be a bug, but the vga16 server has the same. Anyway, this is wandering off the topic. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
Re: suid problem
> In the past few weeks I've had a lot of problems with various > binaries losing their suid bits. For example, I upgraded smail > to the latest (package), and started getting errors from smail > telling me it couldn't write to the paniclog. It wasn't suid, > as it should've been. A few people have told me in mail that > this is a Linux 2.1 bug. I don't think so. I suspect this is a bug in the version of dpkg you're using. Please check if the setuid bit is set in the '.deb' file: dpkg-deb --contents smail*deb; if it is, and it is not present after "dpkg -i smail*deb", it is definitively a problem with your dpkg version. > However I spoke to someone on the kernel mailing list, and he > said that as far as he knew, it was a feature, and is > in most unixes and to his knowledge even Linux 2.0. To my > testing it is not in Linux 2.0, but it is in Solaris 5.5, > for example. No. This is about setuid _scripts_. Setuid scripts are a security hole on almost every system, because of a time window in which the script might be replaced after the setuid has gone effective, but before the interpreter has read it. Solaris is free from this hole. In linux, setuid bits on _scripts_ are ignored. Hope this helps, Ray -- J.H.M. Dassen | RUMOUR Believe all you hear. Your world may [EMAIL PROTECTED] | not be a better one than the one the blocks | live in but it'll be a sight more vivid. | - The Hipcrime Vocab by Chad C. Mulligan -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
suid problem
In the past few weeks I've had a lot of problems with various binaries losing their suid bits. For example, I upgraded smail to the latest (package), and started getting errors from smail telling me it couldn't write to the paniclog. It wasn't suid, as it should've been. A few people have told me in mail that this is a Linux 2.1 bug. However I spoke to someone on the kernel mailing list, and he said that as far as he knew, it was a feature, and is in most unixes and to his knowledge even Linux 2.0. To my testing it is not in Linux 2.0, but it is in Solaris 5.5, for example. Is this a problem with regard to the debian package system? It bothers me that my binaries are losing their suid status quite often. As an example; [8:03pm] [EMAIL PROTECTED]:/usr/X11R6/bin# ls -l XF86_S3 -rwsr-xr-x 1 root root 2025716 Nov 22 15:18 XF86_S3 [8:03pm] [EMAIL PROTECTED]:/usr/local/deb/x# dpkg -i xserver-s3_3.2-1.deb (Reading database ... 22830 files and directories currently installed.) Preparing to replace xserver-s3 3.2-1 (using xserver-s3_3.2-1.deb) ... Unpacking replacement xserver-s3 ... Setting up xserver-s3 (3.2-1) ... [8:03pm] [EMAIL PROTECTED]:/usr/X11R6/bin# ls -l XF86_S3 -rwxr-xr-x 1 root root 2025716 Nov 22 15:18 XF86_S3 Now X won't run, of course. H, maybe there's a different problem. The SUID bit has been lost on the above, and I'm running Linux 2.0.27 ... which doesn't fail my usual test for this behaviour. Any suggestions? hamish -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED]
