Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 12 Nov 2015 14:44:47 +0100
From:      Matthias Apitz <guru@unixarea.de>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: vpnc && setuid
Message-ID:  <20151112134447.GA4418@c720-r276659>
In-Reply-To: <20151112120549.GA3983@c720-r276659>
References:  <20151112093622.GA3261@c720-r276659> <CALfReydC1JD1LNUHHPev=q7WA98b52mootDngOQmEtXTUKkWYA@mail.gmail.com> <20151112101333.GA3606@c720-r276659> <CALfReydZkhuAjqphEsBkn++zV1emBj5VUjfSpe+DyOr=mmZdDw@mail.gmail.com> <20151112120549.GA3983@c720-r276659>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
El día Thursday, November 12, 2015 a las 01:05:49PM +0100, Matthias Apitz escribió:

> El día Thursday, November 12, 2015 a las 10:19:38AM +0000, krad escribió:
> 
> > Looks like you need to 640 or 644 it.
> 
> Why? The /usr/local/sbin/vpnc is set to:
> 
> # ls -l /usr/local/sbin/vpnc
> -rwsr-xr-x  1 root  wheel  105092 10 nov 20:12 /usr/local/sbin/vpnc
> 
> and the proc should run with euid=0, i.e. as root, but does not do this
> and the question is, why?

I wrote a small C-pgm:

#define _GNU_SOURCE
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
#include <errno.h>
#define call(fun) errno = 0; fun; perror(#fun)

int main(int argc, char **argv) {
  FILE *fp;
  uid_t ruid = -1, euid = -1, suid = -1;
  getresuid(&ruid, &euid, &suid);
  printf("> ruid=%d, euid=%d, suid=%d\n", ruid, euid, suid);
  fp = fopen("/usr/local/etc/vpnc.conf", "r");
  if( fp != NULL )  {
    printf("file /usr/local/etc/vpnc.conf opened\n");
    fclose(fp);  
  }
  call(setuid(1000));
  getresuid(&ruid, &euid, &suid);
  printf("> ruid=%d, euid=%d, suid=%d\n", ruid, euid, suid);

  return 0;
}


# cc set.c
# strip a.out
# chmod 6711 a.out
# ls -l /usr/local/sbin/vpnc a.out
-rws--s--x  1 root  wheel  105092 10 nov 20:12 /usr/local/sbin/vpnc
-rws--s--x  1 root  wheel    4340 12 nov 14:41 a.out

When I run this as normal user, it works as expected:

$ ./a.out
> ruid=1001, euid=0, suid=0
file /usr/local/etc/vpnc.conf opened
setuid(1000): No error: 0
> ruid=1000, euid=1000, suid=1000

What is so magic with /usr/local/sbin/vpnc?

-- 
Matthias Apitz, ✉ guru@unixarea.de, 🌐 http://www.unixarea.de/  ☎ +49-176-38902045



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20151112134447.GA4418>