Re: chroot and setuid binaries
You may also want to take a look at Quinn's source code comments from MIB which discuss uid and effective uid in setuid helper tools on OS X:

http://developer.apple.com/library/mac/#samplecode/MoreAppleEvents/Listings/...

In particular, read the MoreSecurity .h & .c files' comments.

I've got a little booklet on OS X helper tools here, but I don't think it addresses your specific problem:

http://www.michael-amorose.com/books/index.htm

On 2/23/11 9:07 AM, Jay Buffington wrote:
> Hi all,
>
> I am building a chroot management tool[1] for developers. It works
> under Linux and I'm in the process of adding Mac support. I've run
> into a couple of issues and could use a hand.
>
> I'm mounting a sparseimage and chroot'ing into it. When I do this ls
> tells me that binaries such as sudo and ping correctly have the setuid
> bit set and are owned by root. However, when I execute these binaries,
> their call to geteuid returns the user id rather than 0 (confirmed
> with dtruss[2]).
>
> The below commands, all executed on my MacBook Pro running 10.5.7,
> demonstrate this:
>
> # build the image that i'll chroot into
> export image_name=mac_os_x-10.5.7
> export image_file=~/images/$image_name.sparseimage
> mkdir ~/images
> hdiutil create -type SPARSE -fs HFS+ -volname $image_name -size 5g -attach \
>     $image_file
> for P in BaseSystem Essentials BSD X11User; do \
>     sudo installer -target /Volumes/$image_name -pkg \
>     '/Volumes/Mac OS X Install DVD/System/Installation/Packages/'$P.pkg;\
> done
>
> # mount some important directories for the chroot
> sudo mount -t devfs devfs /Volumes/$image_name/dev
> sudo mount -t fdesc -o union stdin /Volumes/mac_os_x-10.5.7/dev
> sudo mkdir -p /Volumes/$image_name/Users/jaybuff
> sudo bindfs /Users/jaybuff /Volumes/$image_name/Users/jaybuff
>
> $ # show that geteuid correctly returns 0 outside of the chroot:
> $ cat euid.c
> #include<stdio.h>
> main() {
>     printf("euid: %i\n", geteuid());
> }
> $ gcc euid.c -o euid
> $ chmod 04755 euid
> $ sudo chown root:wheel euid
> $ ./euid
> euid: 0
>
> $ # copy it into the chroot
> $ cp euid /Volumes/mac_os_x-10.5.7/tmp/euid
> $ sudo chroot /Volumes/mac_os_x-10.5.7 bash
> bash-3.2# ls -la /tmp/euid
> -rwsr-xr-x 1 root wheel 12612 Feb 22 19:23 /tmp/euid
> bash-3.2# su - jaybuff
> $ /tmp/euid
> euid: 37964
> $ id
> uid=37964(jaybuff) gid=100(users) groups=100(users),101(com.apple.sharepoint.group.1),98(_lpadmin),102(com.apple.sharepoint.group.2),80(admin),20(staff)
>
> Why does geteuid return 0 for a setuid binary outside of a chroot, but
> not when executed inside a chroot?
>
> Thanks,
> Jay
>
> [1] http://getjoot.org
> [2] http://www.brendangregg.com/dtrace.html
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-dev mailing list (Darwin-dev@lists.apple.com)
> Help/Unsubscribe/Update your Subscription:
> http://lists.apple.com/mailman/options/darwin-dev/junklists%40michael-amoros...
>
> This email sent to junklists@michael-amorose.com
participants (1): Mike