From owner-freebsd-java Mon Aug 26 16:12: 7 2002 Delivered-To: freebsd-java@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0357D37B401 for ; Mon, 26 Aug 2002 16:12:05 -0700 (PDT) Received: from web13406.mail.yahoo.com (web13406.mail.yahoo.com [216.136.175.64]) by mx1.FreeBSD.org (Postfix) with SMTP id 425CB43E65 for ; Mon, 26 Aug 2002 16:12:04 -0700 (PDT) (envelope-from dan_256@yahoo.com) Message-ID: <20020826231204.23827.qmail@web13406.mail.yahoo.com> Received: from [12.254.130.74] by web13406.mail.yahoo.com via HTTP; Mon, 26 Aug 2002 16:12:04 PDT Date: Mon, 26 Aug 2002 16:12:04 -0700 (PDT) From: Dan Hulme Reply-To: dan_256@yahoo.com Subject: RE: Jboss3ctl update (I think I know the problem) To: K.J.Koster@kpn.com, znerd@FreeBSD.ORG, freebsd-java@FreeBSD.ORG In-Reply-To: <59063B5B4D98D311BC0D0001FA7E452205FDA940@l04.research.kpn.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-477509571-1030403524=:23825" Sender: owner-freebsd-java@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0-477509571-1030403524=:23825 Content-Type: text/plain; charset=us-ascii He's right, you can't SUID a script. But this is precisely the problem because the .java_wrapper script itself can never set the environment variables. So, even if you could SUID the script, it would still have the same problem that the "real user" is not the "effective user." The only real solution is to make java not require the .java_wrapper script, because only then can you run the binary as another (non-root) user. As long as the .java_wrapper script sets up an environment for java each time it is run, no SUID program will work, because that ENV will be ignored. SUID does not work in either case. It does SUID with the C program, but that doesn't help because the ENV will die in that case. Either way is broken. Static Java anyone? -Dan K.J.Koster@kpn.com wrote:Dear Ernst, > > > Ernst, perhaps you should revert to the daeminctl shell > > script instead of > > the executable. The fact that the log paths are compiled into an > > executable is a pain in the ass and in the end I still have > > to start and stop Orion as root. > > Yeah, but the reason I switched to a C-based program, is that > a shell script cannot be made SUID :-\ > Well, it still does not work SUID. :-/ > > Anybody have an alternative solution??? > Perhaps you could set LD_CONFIG_PATH explicitly. This is a security risk, so you may have to discuss the implications of doing so on -hackers. Also, it may be JDK dependent where that lib direcory resides. Kees Jan ===================================================== You can't have everything. Where would you put it? [Steven Wright] --------------------------------- Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes --0-477509571-1030403524=:23825 Content-Type: text/html; charset=us-ascii

He's right, you can't SUID a script.  But this is precisely the problem because the .java_wrapper script itself can never set the environment variables.  So, even if you could SUID the script, it would still have the same problem that the "real user" is not the "effective user."  The only real solution is to make java not require the .java_wrapper script, because only then can you run the binary as another (non-root) user.

As long as the .java_wrapper script sets up an environment for java each time it is run, no SUID program will work, because that ENV will be ignored.  SUID does not work in either case.  It does SUID with the C program, but that doesn't help because the ENV will die in that case.  Either way is broken.  Static Java anyone?

-Dan

 K.J.Koster@kpn.com wrote:

Dear Ernst,

>
> > Ernst, perhaps you should revert to the daeminctl shell
> > script instead of
> > the executable. The fact that the log paths are compiled into an
> > executable is a pain in the ass and in the end I still have
> > to start and stop Orion as root.
>
> Yeah, but the reason I switched to a C-based program, is that
> a shell script cannot be made SUID :-\
>
Well, it still does not work SUID. :-/

>
> Anybody have an alternative solution???
>
Perhaps you could set LD_CONFIG_PATH explicitly. This is a security risk, so
you may have to discuss the implications of doing so on -hackers. Also, it
may be JDK dependent where that lib direcory resides.

Kees Jan

=====================================================
You can't have everything. Where would you put it?
[Steven Wright]



Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes --0-477509571-1030403524=:23825-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-java" in the body of the message