Re: Setuid binaries and File Ownerships in FreeBSD9.0

2013-01-23 Thread CyberLeo Kitsana
On 01/23/2013 02:26 PM, Martin McCormick wrote:
>   The executable in question is a C program whose file
> permissions are 4755 and the file belongs to root so all files
> it opens are also owned by root and that works properly, but
> what I need is for this application to first open a few files owned by
> the caller and then later, upgrade back to root and write to
> files the caller can not write to. I was hoping to avoid using
> chown and chgrp and simply let the privilege level of the
> application dictate ownership of any file it opens.
> 
>   When the application first runs, it gets the UID and GID
> of the user and uses 
> 
> setuid(heruid); and setgid(hergid); to temporarily downgrade and
> those files are owned by the right user but setuid(0); doesn't
> appear to upgrade back to root.
> 
>   Is there any other strategy that gets one back to root
> short of using chown and then a system call and never
> downgrading privilege?

seteuid(2) ?

Alternately, open the privileged files before dropping root; you should
still be able to write to them afterwards.

-- 
Fuzzy love,
-CyberLeo
Furry Peace! - http://www.fur.com/peace/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Re: Setuid binaries and File Ownerships in FreeBSD9.0

2013-01-23 Thread Martin McCormick
jb writes:
> Get familiar with this document:
> http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf
> 
> Then verify its validity on your target and current OS.

Thank you. I had read the man page several times and like most
man pages, it is a summary and one can miss some of the finer
points which I seem to be missing right now.


Re: Setuid binaries and File Ownerships in FreeBSD9.0

2013-01-23 Thread Robert Bonomi

> From: Martin McCormick 
> To: FreeBSD Questions 
> Subject: Setuid binaries and File Ownerships in FreeBSD9.0
> Date: Wed, 23 Jan 2013 14:26:16 -0600
>

[[..  sneck  ..]]

>   When the application first runs, it gets the UID and GID
> of the user and uses 
>
> setuid(heruid); and setgid(hergid); to temporarily downgrade and
> those files are owned by the right user but setuid(0); doesn't
> appear to upgrade back to root.
>
>   Is there any other strategy that gets one back to root
> short of using chown and then a system call and never
> downgrading privilege?

man setEuid




Re: Setuid binaries and File Ownerships in FreeBSD9.0

2013-01-23 Thread jb
Martin McCormick writes:

> 
>   The executable in question is a C program whose file
> permissions are 4755 and the file belongs to root so all files
> it opens are also owned by root and that works properly, but
> what I need is for this application to first open a few files owned by
> the caller and then later, upgrade back to root and write to
> files the caller can not write to. I was hoping to avoid using
> chown and chgrp and simply let the privilege level of the
> application dictate ownership of any file it opens.
> 
>   When the application first runs, it gets the UID and GID
> of the user and uses 
> 
> setuid(heruid); and setgid(hergid); to temporarily downgrade and
> those files are owned by the right user but setuid(0); doesn't
> appear to upgrade back to root.
> 
>   Is there any other strategy that gets one back to root
> short of using chown and then a system call and never
> downgrading privilege?
> 
> Thank you.

Unix processes have an effective (EUID, EGID), a real (UID, GID) and a saved
(SUID, SGID) ID.

Get familiar with this document:
http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf

Then verify its validity on your target and current OS.

jb
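
Added example, not code from any poster in this thread: a sketch of the seteuid(2) approach suggested above, using the real, effective and saved IDs jb lists, for a root-owned mode-4755 binary. The helper names (priv_init, priv_drop_temp, priv_regain, open_as_caller) are hypothetical.

```c
#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>

/* Captured once at startup. In a root-owned mode-4755 binary the effective
 * UID is 0 and the real UID is the invoking user. */
static uid_t priv_uid, caller_uid;
static gid_t priv_gid, caller_gid;

void priv_init(void)
{
    priv_uid = geteuid();  caller_uid = getuid();
    priv_gid = getegid();  caller_gid = getgid();
}

/* Temporary drop: only the effective IDs change, so the saved IDs keep the
 * privileged values and the switch can be undone. setuid() called as root
 * also overwrites the real and saved IDs, so a later setuid(0) fails. */
int priv_drop_temp(void)
{
    if (setegid(caller_gid) != 0) return -1;   /* group first, then user */
    if (seteuid(caller_uid) != 0) return -1;
    return (geteuid() == caller_uid && getegid() == caller_gid) ? 0 : -1;
}

/* Regain in the reverse order, then verify the result. */
int priv_regain(void)
{
    if (seteuid(priv_uid) != 0) return -1;
    if (setegid(priv_gid) != 0) return -1;
    return (geteuid() == priv_uid && getegid() == priv_gid) ? 0 : -1;
}

/* Open or create a file with the caller's identity, so permission checks and
 * the owner of a new file follow the caller, then become privileged again. */
int open_as_caller(const char *path, int flags, mode_t mode)
{
    int fd;

    if (priv_drop_temp() != 0)
        return -1;               /* never open a caller-named path as root */
    fd = open(path, flags, mode);
    if (priv_regain() != 0) {    /* privileged work cannot continue */
        if (fd >= 0) close(fd);
        return -1;
    }
    return fd;
}
```

The other suggestion in the thread, opening the privileged files before dropping root, needs no regain step at all, because an already open descriptor stays writable after the drop.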







Setuid binaries and File Ownerships in FreeBSD9.0

2013-01-23 Thread Martin McCormick
The executable in question is a C program whose file
permissions are 4755 and the file belongs to root so all files
it opens are also owned by root and that works properly, but
what I need is for this application to first open a few files owned by
the caller and then later, upgrade back to root and write to
files the caller can not write to. I was hoping to avoid using
chown and chgrp and simply let the privilege level of the
application dictate ownership of any file it opens.

When the application first runs, it gets the UID and GID
of the user and uses 

setuid(heruid); and setgid(hergid); to temporarily downgrade and
those files are owned by the right user but setuid(0); doesn't
appear to upgrade back to root.

Is there any other strategy that gets one back to root
short of using chown and then a system call and never
downgrading privilege?

Thank you.