← Back to team overview

sslug-teknik team mailing list archive

Re: suid vil ikke gøre som jeg forventer

 

In <19990824220941.A11863@xxxxxxxxxxxxxxx> torben fjerdingstad <tfj@xxxxxxxxxxxxxxx> writes:

>Som bruger:
>$ strace cu -l cua0 -s9600
>open("/dev/cua0", O_RDWR|O_NONBLOCK)    = 3
>access("/dev/cua0", R_OK|W_OK)          = -1 EACCES (Permission denied)

>D.v.s. suid root på strace heller ikke virker. Jeg kan godt åbne
>porten read/write, men har ikke read/write ret.

Fra 'man 2 access' :

       The check is done with the process's  real  uid  and  gid,
       rather  than  with the effective ids as is done when actu-
       ally attempting an operation.  This is  to  allow  set-UID
       programs  to  easily determine the invoking user's author-
       ity.

Med andre ord: Det nytter ikke noget at sætte suid-bitten på programmet.
access() funktionen checker rettighederne med din almindelige bruger-
identitet, d.v.s. uafhængigt af suid-bitten.

-- 
Henrik Storner     | "Software engineering is a race between engineers 
<storner@xxxxxxxx> |  who try to create foolproof software and the 
                   |  universe which is trying to create bigger fools.
                   |  So far, the universe is winning..."


References