Date: Wed, 10 Jun 1998 18:23:40 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, peter@netplex.com.au Cc: brian@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG, cvs-usrsbin@FreeBSD.ORG Subject: Re: cvs commit: src/usr.sbin/ppp Makefile Message-ID: <199806100823.SAA02784@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> I suppose `chmod a+r' is the correct fix for other executables that >> can't be run by root over nfs or backed up by group operator: >> >> -r-x------ 1 bin bin 208896 Jun 4 17:50 sbin/init* >> -r-sr-x--- 1 root operator 147456 May 30 18:37 sbin/shutdown* >> ---s--x--x 2 root bin 466944 May 30 18:36 usr/bin/sperl4.036* >> ---s--x--x 2 root bin 466944 May 30 18:36 usr/bin/suidperl* >> -r-sr-x--- 1 uucp uucp 225280 May 30 18:30 usr/libexec/uucp/uuxqt* >> -r-sr-x--- 1 root network 389120 Jun 4 17:27 usr/sbin/ppp* >> -r-sr-x--- 1 root network 180224 May 30 18:44 usr/sbin/sliplogin* >> -r-x------ 1 bin bin 114688 May 13 05:05 usr/sbin/watch* > >NFS has permission hackery to convert an 'x' into an 'r' bit for files so >they can be read for execution. Only for certain 'x' bits. suidperl works, but ppp with the above permissions fails with a SIGSEGV and a kernel printf for anyone except root in group network because execve() thinks it can exec the file but vm doesn't allow reading it. It fails cleanly for root because root is nobody over nfs. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806100823.SAA02784>