Re: How to exec a subtool as root
Re: How to exec a subtool as root
- Subject: Re: How to exec a subtool as root
- From: "Sven A. Schmidt" <email@hidden>
- Date: Tue, 21 Jan 2003 23:53:27 +0100
On Montag, Januar 20, 2003, at 08:13 Uhr, ryan wrote:
Hello,
I have been thinking about the security model in Mac OS X and how to
use the
security framework to execute privileged commands.
The documentation states that the use of
'AuthorizationExecuteWithPrivileges' should be limited to having a
small
tool self-exec to cause it to become setuid root. After that point
anytime
someone calls that small tool it runs as user root. This seems like a
fairly big security hole to me. Once you set a small tool setuid
root, then
someone could run it and do a buffer overflow, or some such naughty
thing,
and gain root access potentially.
Ryan,
I'm not sure if I can follow you on everything you're saying, but I
think there's a misunderstanding here: Even if you setuid(0) in a tool,
unless you are the super user calling that tool (or get super user
privileges by way of sudo), it will not be promoted to real and
effective uid 0.
From the setuid manpage:
DESCRIPTION
The setuid() function sets the real and effective user IDs and the
saved
set-user-ID of the current process to the specified value. The
setuid()
function is permitted if the effective user ID is that of the
super user,
or if the specified user ID is the same as the effective user ID.
If
not, but the specified user ID is the same as the real user ID,
setuid()
will set the effective user ID to the real user ID.
I might be missing your point completely, though...
Sven
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.