unix - Why do I need setuid(0) within a setuid-root C program that calls an administrative program with system()? -

-

I had to hack some dirty Linux for someone, so that they could have a printer with cupsenable printoname Shell command while being a non root user I did not want to fully use the cuplessable syntax as the root, so I have written a cover which is in the input < Code> argv [1] system . .

I have created the program setuid root, but still, cuplessable failed "permission denied" and then I had a setuid (0) Code> system () and, take it and see, it worked.

The best way to give users control over the printer is probably a better way for me to be interested in chmod u + s vs setuid (0) There are complications of versus system () . Why did this happen?

to man system :

Do not use system () from a program with set-user-id or set-group-id privilege, because the strange values ​​of some environment variables can be used to break the mechanism Integrity Instead of the exec (3) family of tasks, but use execlp (3) or execvp (3) . Actually, those systems will not work properly with programs with set-user-id or set-group-id privileges, on which / bin / sh Bash is version 2, as Bash 2 leaves the privileges at startup.

and man bash from:

If the shell starts with effective user (group) id actual user (group) Id is not equal, and the -p option is not provided, no startup file is read, shell functions are not inherited from the environment; shellopts variable, If it appears in the environment, it is ignored, and the effective user id is real User ID is set.

This your Setuide (0) calls circumvented security.


Comments

Post a Comment

Popular posts from this blog

c++ - Linux and clipboard -

-
After selecting the copies of the buffer in Linux, after the text, we can click and paste the button between the mouse. I think there is a special buffer for this, I want to use it. Programming Language: C ++ Your Library: Qt Thanks. There is just one more correct answer than Paul Dixon, which answers your needs: / P > QClipboard * clipboard = QApplication :: clipboard (); CastString Selected Text = Clipboard-> Text (QClipboard :: Selection);
Read more

Visual Studio 2005: How to speed up builds when a VSMDI is open? -

-
Using Visual Studio 2005, if I open the test in VSMFI and try to run the tests, then sometimes the projects are ready. However, they run very slow. CPU 99% waste and output window VS Shows things associated with compiling it. Is there any way to fix this? It does not make any sense. It is not necessary to upgrade that we are a viable alternative to those people who have to deal with the legacy code. Did you try to upgrade SP1? I do not know of any specific problem in this area, but this will be the first change I tried to do.
Read more

booting ubuntu from usb using virtualbox -

-
I am trying to install Ubuntu on a USB, the problem is that I do not want to repeat the boot once, I want to keep my windows, but I want to boot Ubuntu using the virtualbox and USB to the Ubuntu Want to use my hard drive, but how? The virtualbox will not recognize USB as a hard drive when installing an ISO In virtualbox, you have to create a virtual hard disk. Make a USB drive and tell the virtual box to install a virtual hard drive that you just created. EDIT: To answer some more questions: In the new Virtual Disk dialog, click the button next to the location field, click on the button Virtual Disk on Flash Drive To access, click the arrow next to Save in the Select File in the window next to Save In, and you can access your flash drive from there. I recommend setting the image to be allocated dynamically, because the size of your flash drive is not available disk space. I name the image, then select that image to install Ubuntu in the Verbill box. The virtualbox will never...
Read more