From owner-freebsd-audit@FreeBSD.ORG Mon Jun 2 00:31:42 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 880E437B401 for ; Mon, 2 Jun 2003 00:31:42 -0700 (PDT) Received: from pop016.verizon.net (pop016pub.verizon.net [206.46.170.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id D636543F3F for ; Mon, 2 Jun 2003 00:31:41 -0700 (PDT) (envelope-from mtm@identd.net) Received: from kokeb.ambesa.net ([138.88.0.86]) by pop016.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030602073140.WKWJ3199.pop016.verizon.net@kokeb.ambesa.net>; Mon, 2 Jun 2003 02:31:40 -0500 Date: Mon, 2 Jun 2003 03:31:39 -0400 From: Mike Makonnen To: freebsd-audit@freebsd.org X-Mailer: Sylpheed version 0.8.10 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at pop016.verizon.net from [138.88.0.86] at Mon, 2 Jun 2003 02:31:40 -0500 Message-Id: <20030602073140.WKWJ3199.pop016.verizon.net@kokeb.ambesa.net> cc: Mark Murray Subject: [CFR] NetBSD's chroot(8) functionality X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 07:31:42 -0000 Does anyone have any objections to the following change to chroot(8) (the program, not the syscall)? Essentially, it allows the user to set a new uid, group, and/or group list when invoking chroot(8). Cheers. -- Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc mtm@identd.net | D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9 mtm@FreeBSD.Org| FreeBSD - The Power To Serve Index: usr.sbin/chroot/chroot.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/chroot/chroot.c,v retrieving revision 1.8 diff -u -r1.8 chroot.c --- usr.sbin/chroot/chroot.c 3 May 2003 21:06:36 -0000 1.8 +++ usr.sbin/chroot/chroot.c 2 Jun 2003 05:55:53 -0000 @@ -47,8 +47,12 @@ #include +#include #include +#include +#include #include +#include #include #include #include @@ -56,29 +60,112 @@ static void usage(void); +char *user; /* user to switch to before running program */ +char *group; /* group to switch to ... */ +char *grouplist; /* group list to switch to ... */ + int main(argc, argv) int argc; char *argv[]; { - int ch; - const char *shell; - - while ((ch = getopt(argc, argv, "")) != -1) + struct group *gp; + struct passwd *pw; + char *endp, *p; + const char *shell; + gid_t gid, gidlist[NGROUPS_MAX]; + uid_t uid; + int ch, gids; + + gid = 0; + uid = 0; + while ((ch = getopt(argc, argv, "G:g:u:")) != -1) { switch(ch) { + case 'u': + user = optarg; + if (*user == '\0') + usage(); + break; + case 'g': + group = optarg; + if (*group == '\0') + usage(); + break; + case 'G': + grouplist = optarg; + if (*grouplist == '\0') + usage(); + break; case '?': default: usage(); } + } argc -= optind; argv += optind; if (argc < 1) usage(); + if (group != NULL) { + if (isdigit((unsigned char)*group)) { + gid = (gid_t)strtoul(group, &endp, 0); + if (*endp != '\0') + goto getgroup; + } else { + getgroup: + if ((gp = getgrnam(group)) != NULL) + gid = gp->gr_gid; + else + errx(1, "no such group `%s'", group); + } + } + + for (gids = 0; + (p = strsep(&grouplist, ",")) != NULL && gids < NGROUPS_MAX; ) { + if (*p == '\0') + continue; + + if (isdigit((unsigned char)*p)) { + gidlist[gids] = (gid_t)strtoul(p, &endp, 0); + if (*endp != '\0') + goto getglist; + } else { + getglist: + if ((gp = getgrnam(p)) != NULL) + gidlist[gids] = gp->gr_gid; + else + errx(1, "no such group `%s'", p); + } + gids++; + } + if (p != NULL && gids == NGROUPS_MAX) + errx(1, "too many supplementary groups provided"); + + if (user != NULL) { + if (isdigit((unsigned char)*user)) { + uid = (uid_t)strtoul(user, &endp, 0); + if (*endp != '\0') + goto getuser; + } else { + getuser: + if ((pw = getpwnam(user)) != NULL) + uid = pw->pw_uid; + else + errx(1, "no such user `%s'", user); + } + } + if (chdir(argv[0]) || chroot(".")) err(1, "%s", argv[0]); + if (gids && setgroups(gids, gidlist) == -1) + err(1, "setgroups"); + if (group && setgid(gid) == -1) + err(1, "setgid"); + if (user && setuid(uid) == -1) + err(1, "setuid"); + if (argv[1]) { execvp(argv[1], &argv[1]); err(1, "%s", argv[1]); @@ -94,6 +181,7 @@ static void usage() { - (void)fprintf(stderr, "usage: chroot newroot [command]\n"); + (void)fprintf(stderr, "usage: chroot [-g group] [-G group,group,...] " + "[-u user] newroot [command]\n"); exit(1); } From owner-freebsd-audit@FreeBSD.ORG Mon Jun 2 00:40:49 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7037837B401 for ; Mon, 2 Jun 2003 00:40:49 -0700 (PDT) Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE22B43F85 for ; Mon, 2 Jun 2003 00:40:47 -0700 (PDT) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay.macomnet.ru (8.11.6/8.11.6) with ESMTP id h527egG6500753; Mon, 2 Jun 2003 11:40:42 +0400 (MSD) Date: Mon, 2 Jun 2003 11:40:42 +0400 (MSD) From: Maxim Konovalov To: Mike Makonnen In-Reply-To: <20030602073140.WKWJ3199.pop016.verizon.net@kokeb.ambesa.net> Message-ID: <20030602114021.U97591@news1.macomnet.ru> References: <20030602073140.WKWJ3199.pop016.verizon.net@kokeb.ambesa.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Mark Murray cc: freebsd-audit@freebsd.org Subject: Re: [CFR] NetBSD's chroot(8) functionality X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 07:40:49 -0000 On 03:31-0400, Jun 2, 2003, Mike Makonnen wrote: > Does anyone have any objections to the following change to chroot(8) (the > program, not the syscall)? > > Essentially, it allows the user to set a new uid, group, and/or > group list when invoking chroot(8). chroot.8 please. -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org From owner-freebsd-audit@FreeBSD.ORG Mon Jun 2 00:48:09 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACD5D37B401 for ; Mon, 2 Jun 2003 00:48:09 -0700 (PDT) Received: from pop017.verizon.net (pop017pub.verizon.net [206.46.170.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id DBF4F43F75 for ; Mon, 2 Jun 2003 00:48:08 -0700 (PDT) (envelope-from mtm@identd.net) Received: from kokeb.ambesa.net ([138.88.0.86]) by pop017.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030602074808.XZZC27254.pop017.verizon.net@kokeb.ambesa.net>; Mon, 2 Jun 2003 02:48:08 -0500 Date: Mon, 2 Jun 2003 03:48:07 -0400 From: Mike Makonnen To: Maxim Konovalov In-Reply-To: <20030602114021.U97591@news1.macomnet.ru> References: <20030602073140.WKWJ3199.pop016.verizon.net@kokeb.ambesa.net> <20030602114021.U97591@news1.macomnet.ru> X-Mailer: Sylpheed version 0.8.10 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at pop017.verizon.net from [138.88.0.86] at Mon, 2 Jun 2003 02:48:07 -0500 Message-Id: <20030602074808.XZZC27254.pop017.verizon.net@kokeb.ambesa.net> cc: mark@grondar.org cc: freebsd-audit@freebsd.org Subject: Re: [CFR] NetBSD's chroot(8) functionality X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 07:48:10 -0000 On Mon, 2 Jun 2003 11:40:42 +0400 (MSD) Maxim Konovalov wrote: > > chroot.8 please. I'm working on it. -- Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc mtm@identd.net | D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9 mtm@FreeBSD.Org| FreeBSD - The Power To Serve From owner-freebsd-audit@FreeBSD.ORG Tue Jun 3 18:05:20 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BA08537B401 for ; Tue, 3 Jun 2003 18:05:20 -0700 (PDT) Received: from smtp02.syd.iprimus.net.au (smtp02.syd.iprimus.net.au [210.50.76.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25DA843F3F for ; Tue, 3 Jun 2003 18:05:20 -0700 (PDT) (envelope-from tim@robbins.dropbear.id.au) Received: from dilbert.robbins.dropbear.id.au (203.134.172.104) by smtp02.syd.iprimus.net.au (7.0.015) id 3ECBEA3400210370 for audit@FreeBSD.org; Wed, 4 Jun 2003 11:05:17 +1000 Received: by dilbert.robbins.dropbear.id.au (Postfix, from userid 1000) id B6755C90F; Wed, 4 Jun 2003 11:01:25 +1000 (EST) Date: Wed, 4 Jun 2003 11:01:25 +1000 From: Tim Robbins To: audit@FreeBSD.org Message-ID: <20030604110125.A41509@dilbert.robbins.dropbear.id.au> References: <200304220700.h3M70CM3058589@freefall.freebsd.org> <20030527084242.GB513@straylight.oblivion.bg> <20030527235525.A47880@dilbert.robbins.dropbear.id.au> <20030527142122.GG513@straylight.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030527142122.GG513@straylight.oblivion.bg>; from roam@ringlet.net on Tue, May 27, 2003 at 05:21:22PM +0300 Subject: Re: conf/51256: chkgrp should make sure the file is newline terminated X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 01:05:21 -0000 On Tue, May 27, 2003 at 05:21:22PM +0300, Peter Pentchev wrote: > On Tue, May 27, 2003 at 11:55:25PM +1000, Tim Robbins wrote: > > On Tue, May 27, 2003 at 11:42:42AM +0300, Peter Pentchev wrote: > > > > > Could somebody take a look at this PR and the patch (quoted below), and > > > see if there's anything wrong with it or it may be committed? > > [...] > > > > if ((line = fgetln(gf, &len)) == NULL) > > > > break; > > > > + if (len > 0 && line[len - 1] != '\n' && line[len - 1] != '\r') { > > > > + warnx("%s: line %d: no newline character", gfn, n); > > > > + e++; > > > > + } > > [...] > > > > I think that it's unnecessary (and incorrect) to check for a '\r' character > > at the end of the line. > > Okay, this might have been a bad habit of processing files that came > from Over There ;) So.. how about the patch with only the '\n' check, > then? Yes, it looks fine now. Sorry for taking so long to get back to you about this. Tim From owner-freebsd-audit@FreeBSD.ORG Thu Jun 5 02:52:38 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85B1137B401 for ; Thu, 5 Jun 2003 02:52:38 -0700 (PDT) Received: from mail.liwing.de (mail.liwing.de [213.70.188.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BF1A43FBF for ; Thu, 5 Jun 2003 02:52:37 -0700 (PDT) (envelope-from rehsack@liwing.de) Received: (qmail 33705 invoked from network); 5 Jun 2003 09:52:32 -0000 Received: from stingray.liwing.de (HELO liwing.de) ([213.70.188.164]) (envelope-sender ) by mail.liwing.de (qmail-ldap-1.03) with SMTP for ; 5 Jun 2003 09:52:32 -0000 Message-ID: <3EDF12E0.4020009@liwing.de> Date: Thu, 05 Jun 2003 11:52:32 +0200 From: Jens Rehsack Organization: LiWing IT-Services User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 (Compact - Build 2) X-Accept-Language: en-us, en MIME-Version: 1.0 To: David O'Brien Content-Type: multipart/mixed; boundary="------------090807070903090406050009" cc: FreeBSD-Current List cc: freebsd-audit Subject: file(1) doesn't recognize scripts correctly X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 09:52:38 -0000 This is a multi-part message in MIME format. --------------090807070903090406050009 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi David, hi list, you got this mail, because you maintain src/contrib/file/. If you're not responsible, please let me know and I will find someone else to bother with this :-) I was playing around with file(1) to find a solution for detecting file content correctly. I've detected, that the pattern in src/contrib/file/Magfiles/commands which are useful detecting unknow scripts correctly (lines 44-52), prevents file from detecting eg. perl or scripts correctly. Sample: $ file -b /var/www/data/trevor/flexpage/tools/fpcombinelib a /usr/local/bin/php -Cqe script text executable $ file -b /var/www/data/trevor/flexpage/tools/getPage.pl a /usr/bin/perl script text executable I created a patch which may only a workaround until a script language is added which first letters are bigger than 'various'. Maybe a better solution would be renaming all scripts to 'script.shell', 'script.php', 'script.perl', ... 'script.various' or concatanation order is created. Last one may be the best solution. Please let me know what you think. Sample after patch: $ file -b /var/www/data/trevor/flexpage/tools/getPage.pl perl script text executable $ file -b /var/www/data/trevor/flexpage/tools/fpcombinelib PHP script text executable Regards, Jens --------------090807070903090406050009 Content-Type: text/plain; name="patch-contrib-file-Magdir" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="patch-contrib-file-Magdir" diff -uNr Magdir.old/commands Magdir/commands --- Magdir.old/commands Thu Jun 5 09:43:50 2003 +++ Magdir/commands Thu Jun 5 09:46:15 2003 @@ -40,17 +40,6 @@ 0 string #!\ /usr/bin/env a >16 string >\0 %s script text executable - -# generic shell magic -0 string #!\ / a ->3 string >\0 %s script text executable -0 string #!\ / a ->3 string >\0 %s script text executable -0 string #!/ a ->2 string >\0 %s script text executable -0 string #!\ script text executable ->3 string >\0 for %s - # PHP scripts # Ulf Harnhammar 0 string/c =3 string >\0 %s script text executable +0 string #!\ / a +>3 string >\0 %s script text executable +0 string #!/ a +>2 string >\0 %s script text executable +0 string #!\ script text executable +>3 string >\0 for %s + + --------------090807070903090406050009--