• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Regarding Route Command source code
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Regarding Route Command source code

  • Subject: Re: Regarding Route Command source code
  • From: Michael Smith <email@hidden>
  • Date: Fri, 1 Jun 2007 09:22:13 -0700

On Jun 1, 2007, at 7:07 AM, subodh singh wrote:

Whether the same command is working fine. I have verified the source
code also and it already used

setuid(uid);
uid=0;

So kindly suggest me the reason of this problem, and also that how can
I solve it.

The problem is that you do not understand the Unix process security model, and thus the solution would necessarily begin with your enlightenment.

In this particular example, what you're missing is that a process running with your login credential cannot change its UID to zero (i.e. it cannot become root) merely by calling setuid(0). This should be obvious, and if it's not and you plan to keep writing driver software for MacOS then I cannot encourage you strongly enough to stop everything else you're doing until you understand why.

This may sound a little harsh, and I'm only picking on you because you stood up and asked a question, but it is exactly this lack of comprehension that forms a major part of Microsoft's ongoing problems with local security holes in Windows, and MacOS is much better off without it.

Because the system calls that route(8) uses affect the whole system, not just the user making them, they require root privilege. In the normal case, this is achieved by installing the route command setuid; this is an expression of trust by the system in the sanity checking in the route(8) binary. This delegation of trust allows an administrator to further control which users have access to routing information by altering permissions on (or removing entirely) the route(8) binary, effectively achieving a degree of separation of privilege.


In your specific case, while you are making changes to route(8), you can use sudo(8) to temporarily become root while running the command. Please note that your product must not replace the system's route(8) binary when it is installed - at most, you should carry a private copy in your application/driver bundle.

 = Mike

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Regarding Route Command source code (From: "subodh singh" <email@hidden>)






    

  • Prev by Date:
Regarding Route Command source code

    • 

  • Next by Date:
Re: Problem building darwin kernel

    • 

  • Previous by thread:
Regarding Route Command source code

    • 

  • Next by thread:
Re: Problem building darwin kernel

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •