Re: Privileged write to file
Re: Privileged write to file
- Subject: Re: Privileged write to file
- From: Nicko van Someren <email@hidden>
- Date: Thu, 11 Mar 2004 09:28:21 +0000
On 11 Mar 2004, at 1:20, Charles Srstka wrote:
I still don't understand the logic behind this.
Wouldn't it be trivial then to write a malicious app that launches
your setuid root tool, pretends it's your app, and then uses the tool
to copy files to all sorts of locations where they can do damage?
No, because what I suggested was that you should provide a setuid
program that writes the configuration file, not one that writes
arbitrary data into arbitrary files. In this context the setuid tool
should (a) authorise the user, (b) perform some sanity check on the
provided configuration data and then (c) write it to the config file in
some atomic manner. There is no need for the tool to be able to write
to any other location. Note that is the binary is altered the setuid
bit in its permissions is lost and has to be reset (by a user with
Admin authority) before it can cause damage.
Nicko
On Mar 10, 2004, at 3:29 AM, Nicko van Someren wrote:
...
The right way to do this is probably to write a tiny program that
writes the configuration file and install it owned by root with the
setuid permission bit set.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.