* SUID root
From: Richard B. Johnson @ 2003-07-16 14:19 UTC (permalink / raw)
To: Linux kernel
It appears as though SUID root programs don't work on
linux 2.4.20, 2.4.21, or 2.4.22-pre6, or at least what
used to work no longer does.

One program tries to execute iopl(3). In the event that
it fails, it tries to set UID/GID to root after saving
the previous, then tries again.

The program exists in /usr/bin, properly owned by root. It
is set SUID, 4755, and otherwise works. Anybody have any
clues? Do SUID programs have to be re-written to use some
other mechanism? I need to have a user-mode program get
access to an otherwise unused printer port. It's a shame
to write a module just for this.

brk(0x804f000) = 0x804f000
brk(0x8051000) = 0x8051000
brk(0x8053000) = 0x8053000
time(NULL) = 1058364273
iopl(0x3) = -1 EPERM (Operation not permitted)
getuid() = 100
getgid() = 100
setuid(0) = -1 EPERM (Operation not permitted)
setgid(0) = -1 EPERM (Operation not permitted)
iopl(0x3) = -1 EPERM (Operation not permitted)
_exit(0) = ?

$ ls -la /usr/bin/debug
-rwsr-xr-x 1 root root 6126 Jul 16 09:59 /usr/bin/debug
$ exit
exit
Script done on Wed Jul 16 10:05:02 2003

Cheers,
Dick Johnson
Penguin : Linux version 2.4.20 on an i686 machine (797.90 BogoMips).
Note 96.3% of all statistics are fiction.
* Re: SUID root
From: Daniel Jacobowitz @ 2003-07-16 14:22 UTC (permalink / raw)
To: Linux kernel
On Wed, Jul 16, 2003 at 10:19:14AM -0400, Richard B. Johnson wrote:
>
> It appears as though SUID root programs don't work on
> linux 2.4.20, 2.4.21, or 2.4.22-pre6, or at least what
> used to work no longer does.
>
> One program tries to execute iopl(3). In the event that
> it fails, it tries to set UID/GID to root after saving
> the previous, then tries again.
>
> The program exists in /usr/bin, properly owned by root. It
> is set SUID, 4755, and otherwise works. Anybody have any
> clues? Do SUID programs have to be re-written to use some
> other mechanism? I need to have a user-mode program get
> access to an otherwise unused printer port. It's a shame
> to write a module just for this.
You're stracing it. Stracing prevents setuid from occurring; it used
to just prevent the exec.
--
Daniel Jacobowitz
MontaVista Software Debian GNU/Linux Developer
* Re: SUID root
From: Richard B. Johnson @ 2003-07-16 14:42 UTC (permalink / raw)
To: Daniel Jacobowitz; +Cc: Linux kernel
On Wed, 16 Jul 2003, Daniel Jacobowitz wrote:
> On Wed, Jul 16, 2003 at 10:19:14AM -0400, Richard B. Johnson wrote:
> >
> > It appears as though SUID root programs don't work on
> > linux 2.4.20, 2.4.21, or 2.4.22-pre6, or at least what
> > used to work no longer does.
> >
> > One program tries to execute iopl(3). In the event that
> > it fails, it tries to set UID/GID to root after saving
> > the previous, then tries again.
> >
> > The program exists in /usr/bin, properly owned by root. It
> > is set SUID, 4755, and otherwise works. Anybody have any
> > clues? Do SUID programs have to be re-written to use some
> > other mechanism? I need to have a user-mode program get
> > access to an otherwise unused printer port. It's a shame
> > to write a module just for this.
>
> You're stracing it. Stracing prevents setuid from occurring; it used
> to just prevent the exec.
>
Okay. Thanks, you are right. It is actually working I guess.
Cheers,
Dick Johnson
Penguin : Linux version 2.4.20 on an i686 machine (797.90 BogoMips).
Note 96.3% of all statistics are fiction.