Date: Sun, 28 Mar 2004 20:39:37 -0600 From: Sean Kelly <smkelly@zombie.org> To: Ganbold <ganbold@micom.mng.net> Cc: freebsd-hackers@freebsd.org Subject: Re: Question regarding shell user creation at login time Message-ID: <20040329023937.GA76248@edgemaster.zombie.org> In-Reply-To: <6.0.3.0.2.20040329102508.029f5670@202.179.0.80> References: <6.0.3.0.2.20040329102508.029f5670@202.179.0.80>
next in thread | previous in thread | raw e-mail | index | archive | help
--uAKRQypu60I7Lcqm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please don't crosspost. I don't think this is a topic for -current, so I've removed it. On Mon, Mar 29, 2004 at 11:05:55AM +0900, Ganbold wrote: > 10198 new CALL setuid(0) > 10198 new RET setuid -1 errno 1 Operation not permitted Your attempt to setuid(0) failed. > 10198 new CALL execve(0x80485d0,0xbfbfed8c,0xbfbfed94) > 10198 new NAMI "/home/new/new.pl" > 10198 new RET execve -1 errno 13 Permission denied Your attempt to run that perl script failed. > -rwsr-x--- 1 root new 4651 Mar 26 08:47 new > ---------- 1 root wheel 94 Mar 26 08:47 new.c > -r-x------ 1 root wheel 15430 Mar 25 15:16 new.pl Well, since your attempt to setuid(0) failed, `new.pl` is not being execve()'d as root. Therefore, the permissions on the `new.pl` file are such that it can't be read or executed by the user/process. --=20 Sean Kelly | PGP KeyID: D2E5E296 smkelly@FreeBSD.org | http://www.sean-kelly.org/ --uAKRQypu60I7Lcqm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAZ4xoPm7A9NLl4pYRArh2AKCICop41LU81ipLY21qB7UqmmN+pgCeLNjs xib1UwCV2lano5dBBsEdi14= =Jgtg -----END PGP SIGNATURE----- --uAKRQypu60I7Lcqm--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040329023937.GA76248>