Re: chroot and setuid binaries
- Subject: Re: chroot and setuid binaries
- From: Kevin Van Vechten <email@hidden>
- Date: Wed, 23 Feb 2011 09:43:11 -0800
You probably want to pass the -owners on option to hdiutil as described in the man page.
By default, filesystem ownership on disk images is not honored. For example, you wouldn't want a .dmg downloaded from a website containing a setuid binary to work by default, would you? :-)
Kevin
On Feb 23, 2011, at 9:07 AM, Jay Buffington wrote:
> Hi all,
>
> I am building a chroot management tool[1] for developers. It works
> under linux and I'm in the process of adding Mac support. I've run
> into a couple of issues and could use a hand.
>
> I'm mounting a sparseimage and chroot'ing into it. When I do this ls
> tells me that binaries such as sudo and ping correctly have the setuid
> bit set and are owned by root. However, when I execute these
> binaries, their call to geteuid returns the user id rather than 0
> (confirmed with dtruss[2]). The below commands, all executed on my
> macbook pro running 10.5.7, demonstrate this:
>
> # build the image that i'll chroot into
> export image_name=mac_os_x-10.5.7
> export image_file=~/images/$image_name.sparseimage
> mkdir ~/images
> hdiutil create -type SPARSE -fs HFS+ -volname $image_name -size 5g -attach \
> $image_file
> for P in BaseSystem Essentials BSD X11User; do \
> sudo installer -target /Volumes/$image_name -pkg \
> '/Volumes/Mac OS X Install DVD/System/Installation/Packages/'$P.pkg;\
> done
>
> # mount some important directories for the chroot
> sudo mount -t devfs devfs /Volumes/$image_name/dev
> sudo mount -t fdesc -o union stdin /Volumes/mac_os_x-10.5.7/dev
> sudo mkdir -p /Volumes/$image_name/Users/jaybuff
> sudo bindfs /Users/jaybuff /Volumes/$image_name/Users/jaybuff
>
> $ # show that geteuid correctly returns 0 outside of the chroot:
> $ cat euid.c
> #include <stdio.h>
> #include <unistd.h>   /* geteuid() */
> int main(void) { printf("euid: %i\n", geteuid()); return 0; }
> $ gcc euid.c -o euid
> $ chmod 04755 euid
> $ sudo chown root:wheel euid
> $ ./euid
> euid: 0
>
> $ # copy it into the chroot
> $ cp euid /Volumes/mac_os_x-10.5.7/tmp/euid
>
> $ sudo chroot /Volumes/mac_os_x-10.5.7 bash
>
> bash-3.2# ls -la /tmp/euid
> -rwsr-xr-x 1 root wheel 12612 Feb 22 19:23 /tmp/euid
>
> bash-3.2# su - jaybuff
> $ /tmp/euid
> euid: 37964
>
> $ id
> uid=37964(jaybuff) gid=100(users)
> groups=100(users),101(com.apple.sharepoint.group.1),98(_lpadmin),102(com.apple.sharepoint.group.2),80(admin),20(staff)
>
> Why does geteuid return 0 for a setuid binary outside of a chroot, but
> not when executed inside a chroot?
>
> Thanks,
> Jay
>
> [1] http://getjoot.org
> [2] http://www.brendangregg.com/dtrace.html
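A small checker for the diagnosis above, added here as an example (not code from either poster): for a given path it reports every reason a setuid-root exec would not yield euid 0, including the macOS-specific MNT_IGNORE_OWNERSHIP mount flag that `hdiutil attach -owners on` clears, which is what `ls` cannot show you. The default path /tmp/euid and the BLK_* names are assumptions; it builds with plain gcc on macOS or Linux, and the ownership-flag check only compiles on macOS.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/statvfs.h>
#ifdef __APPLE__
#include <sys/param.h>
#include <sys/mount.h>   /* statfs() and MNT_IGNORE_OWNERSHIP */
#endif

/* Assumed names for this example; one bit per independent cause. */
enum {
    BLK_NO_SETUID_BIT   = 1,  /* file mode lacks S_ISUID */
    BLK_NOT_ROOT_OWNED  = 2,  /* file is not owned by uid 0 */
    BLK_MOUNT_NOSUID    = 4,  /* mount carries nosuid */
    BLK_MOUNT_IGNOREOWN = 8   /* macOS: volume ownership ignored (hdiutil default) */
};

/* Returns a bitmask of reasons a setuid-root exec of `path` would not give
 * euid 0, 0 if none apply, or -1 if the path cannot be examined. */
int setuid_blockers(const char *path)
{
    struct stat st;
    struct statvfs vfs;
    int blockers = 0;

    if (stat(path, &st) != 0 || statvfs(path, &vfs) != 0)
        return -1;
    if (!(st.st_mode & S_ISUID))
        blockers |= BLK_NO_SETUID_BIT;
    if (st.st_uid != 0)
        blockers |= BLK_NOT_ROOT_OWNED;
    if (vfs.f_flag & ST_NOSUID)
        blockers |= BLK_MOUNT_NOSUID;
#ifdef __APPLE__
    {
        struct statfs fs;   /* MNT_IGNORE_OWNERSHIP is only visible via statfs() */
        if (statfs(path, &fs) == 0 && (fs.f_flags & MNT_IGNORE_OWNERSHIP))
            blockers |= BLK_MOUNT_IGNOREOWN;
    }
#endif
    return blockers;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/tmp/euid";   /* assumed default */
    int b = setuid_blockers(path);
    if (b < 0) { perror(path); return 1; }
    printf("%s: setuid-root would %stake effect\n", path, b ? "NOT " : "");
    if (b & BLK_NO_SETUID_BIT)   puts("  - setuid bit not set");
    if (b & BLK_NOT_ROOT_OWNED)  puts("  - not owned by root");
    if (b & BLK_MOUNT_NOSUID)    puts("  - mounted nosuid");
    if (b & BLK_MOUNT_IGNOREOWN) puts("  - ownership ignored on this volume; re-attach with -owners on");
    return b != 0;
}
```

Run it both outside and inside the chroot against the same binary; the ownership-ignored line appearing only inside is the symptom described in the thread.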