From owner-freebsd-current@FreeBSD.ORG  Sun Mar 28 18:41:04 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1559E16A4CE; Sun, 28 Mar 2004 18:41:03 -0800 (PST)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9C56F43D2D; Sun, 28 Mar 2004 18:41:03 -0800 (PST)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (localhost [127.0.0.1])
	by fledge.watson.org (8.12.10/8.12.10) with ESMTP id i2T2cexC037172;
	Sun, 28 Mar 2004 21:38:41 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Received: from localhost (robert@localhost)i2T2ceRl037169;
	Sun, 28 Mar 2004 21:38:40 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Date: Sun, 28 Mar 2004 21:38:40 -0500 (EST)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: Ganbold <ganbold@micom.mng.net>
In-Reply-To: <6.0.3.0.2.20040329102508.029f5670@202.179.0.80>
Message-ID: <Pine.NEB.3.96L.1040328213714.35345F-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: freebsd-hackers@freebsd.org
cc: freebsd-current@freebsd.org
Subject: Re: Question regarding shell user creation at login time
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Mar 2004 02:41:04 -0000


On Mon, 29 Mar 2004, Ganbold wrote:

> Hi,
> 
> I traced sshd using ktrace and it says:
> ......
>   10198 new      CALL  setuid(0)
>   10198 new      RET   setuid -1 errno 1 Operation not permitted
>   10198 new      CALL  execve(0x80485d0,0xbfbfed8c,0xbfbfed94)
>   10198 new      NAMI  "/home/new/new.pl"
>   10198 new      RET   execve -1 errno 13 Permission denied
>   10198 new      CALL  exit(0xffffffff)
> .....

Don't you mean to be running /home/new/new instead?  new.pl isn't world
readable/executable. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research


> 
> My C program is:
> 
> #include <unistd.h>
> 
> main(ac, av)
>          char **av;
> {
>          setuid(0);
>          execv("/home/new/new.pl",av);
> }
> 
> Directory:
> 
> public# ls -la ~new
> total 46
> drwxr-xr-x  2 root  wheel    512 Mar 29 09:10 .
> drwxr-xr-x  8 root  wheel    512 Mar 25 15:28 ..
> -r--r-----  1 root  new      767 Mar 24 17:43 .cshrc
> -r--r-----  1 root  new      248 Mar 26 12:32 .login
> -r--r-----  1 root  new      158 Mar 24 17:43 .login_conf
> -r--r-----  1 root  new      373 Mar 24 17:43 .mail_aliases
> -r--r-----  1 root  new      331 Mar 24 17:43 .mailrc
> -r--r-----  1 root  new      797 Mar 24 17:43 .profile
> -r--r-----  1 root  new      276 Mar 24 17:43 .rhosts
> -r--r-----  1 root  new      975 Mar 24 17:43 .shrc
> -rwsr-x---  1 root  new     4651 Mar 26 08:47 new
> ----------  1 root  wheel     94 Mar 26 08:47 new.c
> -r-x------  1 root  wheel  15430 Mar 25 15:16 new.pl
> -rw-r--r--  1 root  wheel     52 Mar 25 16:52 new.sh
> 
> 
> Can somebody tell me the reason why it is failed?
> 
> Thanks in advance,
> 
> Ganbold
> 
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>