From owner-freebsd-hackers Wed Oct 27 14:54:49 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from foobar.franken.de (foobar.franken.de [194.94.249.81]) by hub.freebsd.org (Postfix) with ESMTP id 3DAF514FE6 for ; Wed, 27 Oct 1999 14:54:41 -0700 (PDT) (envelope-from logix@foobar.franken.de) Received: (from logix@localhost) by foobar.franken.de (8.8.8/8.8.5) id XAA10417; Wed, 27 Oct 1999 23:54:42 +0200 (CEST) Message-ID: <19991027235442.A10352@foobar.franken.de> Date: Wed, 27 Oct 1999 23:54:42 +0200 From: Harold Gutch To: Mark , freebsd-hackers@FreeBSD.ORG Subject: Re: su-ing a user remotely References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: ; from Mark on Wed, Oct 27, 1999 at 04:55:30PM -0400 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Oct 27, 1999 at 04:55:30PM -0400, Mark wrote: > > I'm looking for a tool which I think I'll have to end up making myself. > > What I'm looking for.... Let's say there are two logins on a FreeBSD > machine. On ttyp0 is root, and user fred is logged in on ttyp1. Fred > can't su to root because he's not in wheel, and he doesn't/won't know the > root pass. Assuming I'm logged in a root, I'd like to be able to "bless" > fred from my ttyp0 and 'upgrade' his login to root. > > Is this feasible or programatically realistic? Is there such a tool? > What would need to get changed to make this happen? > A friend of mine shortly ago mentioned a tool he wrote some time ago that would scan /dev/kmem for a process with a specific PID and change the UID of this process to whatever value you wanted it to be. You can get it from: ftp://ftp.42.org/pub/FreeBSD/presto-1.1.tar.gz Using it you should be able to change this the UID of fred's loginshell, which should accomplish what you are looking for. bye, Harold -- Sleep is an abstinence syndrome wich occurs due to lack of caffein. Wed Mar 4 04:53:33 CET 1998 #unix, ircnet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message