• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to exec a subtool as root
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to exec a subtool as root

  • Subject: Re: How to exec a subtool as root
  • From: Dave Camp <email@hidden>
  • Date: Tue, 21 Jan 2003 16:08:42 -0800
The calling application is supposed to authenticate the user and get an authorization token. That token is sent to the suid tool which checks with the security framework to see if it is still valid. If so, it then does whatever it was supposed to do. If the check fails, the tool should stop.

I think that is what the documentation is suggesting.

Dave

On Tuesday, January 21, 2003, at 02:53 PM, Sven A. Schmidt wrote:

On Montag, Januar 20, 2003, at 08:13 Uhr, ryan wrote:

Hello,

I have been thinking about the security model in Mac OS X and how to use the
security framework to execute privileged commands.

The documentation states that the use of
'AuthorizationExecuteWithPrivileges' should be limited to having a small
tool self-exec to cause it to become setuid root. After that point anytime
someone calls that small tool it runs as user root. This seems like a
fairly big security hole to me. Once you set a small tool setuid root, then
someone could run it and do a buffer overflow, or some such naughty thing,
and gain root access potentially.

Ryan,

I'm not sure if I can follow you on everything you're saying, but I think there's a misunderstanding here: Even if you setuid(0) in a tool, unless you are the super user calling that tool (or get super user privileges by way of sudo), it will not be promoted to real and effective uid 0.

From the setuid manpage:

DESCRIPTION
The setuid() function sets the real and effective user IDs and the saved
set-user-ID of the current process to the specified value. The setuid()
function is permitted if the effective user ID is that of the super user,
or if the specified user ID is the same as the effective user ID. If
not, but the specified user ID is the same as the real user ID, setuid()
will set the effective user ID to the real user ID.

I might be missing your point completely, though...

Sven
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.


---
The path of least resistance, it's not just for electricity any more.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: How to exec a subtool as root
      • From: ryan <email@hidden>
References: 
 >Re: How to exec a subtool as root (From: "Sven A. Schmidt" <email@hidden>)

  • Prev by Date: Re: COCOA: Simplest Way of Formatted Text
  • Next by Date: Re: How to exec a subtool as root
  • Previous by thread: Re: How to exec a subtool as root
  • Next by thread: Re: How to exec a subtool as root
  • Index(es):
    • Date
    • Thread