On Jun 1, 2007, at 7:07 AM, subodh singh wrote:

> Whether the same command is working fine. I have verified the source code also and it already used setuid(uid); uid=0; So kindly suggest me the reason of this problem, and also that how can I solve it.

The problem is that you do not understand the Unix process security model, and thus the solution would necessarily begin with your enlightenment.

In this particular example, what you're missing is that a process running with your login credential cannot change its UID to zero (i.e. it cannot become root) merely by calling setuid(0). This should be obvious, and if it's not and you plan to keep writing driver software for MacOS then I cannot encourage you strongly enough to stop everything else you're doing until you understand why.

This may sound a little harsh, and I'm only picking on you because you stood up and asked a question, but it is exactly this lack of comprehension that forms a major part of Microsoft's ongoing problems with local security holes in Windows, and MacOS is much better off without it.

Because the system calls that route(8) uses affect the whole system, not just the user making them, they require root privilege. In the normal case, this is achieved by installing the route command setuid; this is an expression of trust by the system in the sanity checking in the route(8) binary. This delegation of trust allows an administrator to further control which users have access to routing information by altering permissions on (or removing entirely) the route(8) binary, effectively achieving a degree of separation of privilege.

In your specific case, while you are making changes to route(8), you can use sudo(8) to temporarily become root while running the command. Please note that your product must not replace the system's route(8) binary when it is installed - at most, you should carry a private copy in your application/driver bundle.

 = Mike

Darwin-kernel mailing list (Darwin-kernel@lists.apple.com)
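The refusal discussed in this thread can be reproduced with a short C program. It is an added example, not part of the original message or of route(8); the function name and the uid/gid 65534 used to shed privilege when the demo is started as root are assumptions made for the demonstration.

```c
/* Added example: an unprivileged process asking for UID 0 is refused. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DEMO_ID 65534 /* assumption: an unprivileged uid/gid ("nobody" on many systems) */

/* Calls setuid(0) in a child process that holds no root privilege.
 * Returns 0 if the call succeeded, the child's errno if it was refused,
 * or -1 if the demo itself could not be set up. */
int setuid0_result_unprivileged(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* If started as root, give that up first. For a root caller
         * setuid() sets the real, effective and saved UID, so the
         * child keeps no way back to UID 0. */
        if (geteuid() == 0 && (setgid(DEMO_ID) != 0 || setuid(DEMO_ID) != 0))
            _exit(255);
        /* The call from the question: ask the kernel for UID 0. */
        if (setuid(0) == 0)
            _exit(0);
        _exit(errno & 0xff);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) ||
        WEXITSTATUS(status) == 255)
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    int rc = setuid0_result_unprivileged();
    if (rc < 0)
        fprintf(stderr, "demo could not be set up\n");
    else if (rc == 0)
        printf("setuid(0) succeeded: the process still held privilege\n");
    else
        printf("setuid(0) refused: %s\n", strerror(rc));
    return rc == EPERM ? 0 : 1;
}
```

The child runs in a separate process so the caller's own credentials are never changed.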