Date: Fri, 12 Jul 2002 00:08:44 +0200
From: Cyrille Lefevre <cyrille.lefevre@laposte.net>
To: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: No suid crontab(1).
Message-ID: <20020711220844.GC21234@gits.dyndns.org>
In-Reply-To: <20020711105214.GJ12920@garage.freebsd.pl>
References: <20020711105214.GJ12920@garage.freebsd.pl>
On Thu, Jul 11, 2002 at 12:52:14PM +0200, Pawel Jakub Dawidek wrote:
[snip]
> @@ -592,11 +577,19 @@
> }
>
> (void) sprintf(n, CRON_TAB(User));
> + chflags(n, 0);
please, back up old flags such as (oflags = chflags(n, 0)) since
you don't know if only UF_IMMUTABLE is used.
> if (rename(tn, n)) {
> warn("error renaming %s to %s", tn, n);
> unlink(tn);
> return (-2);
> }
then chflags(oflags|UF_IMMUTABLE).
> + if (chflags(n, UF_IMMUTABLE) < OK)
> + {
> + warn("chflags");
> + unlink(n);
> + return (-2);
> + }
> +
> log_it(RealUser, Pid, "REPLACE", User);
>
> poke_daemon();
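Review bot: the return value of `chflags(n, 0)` is discarded, and chflags(2) only returns 0 or -1, so the previous flag word cannot be recovered from that call; read `st_flags` with stat(2) before clearing, check that the clear succeeded, and after the rename restore the saved flags OR'd with UF_IMMUTABLE instead of the bare `chflags(n, UF_IMMUTABLE)`, which replaces every flag the file had. The failure path in the new block is also destructive: `unlink(n)` after a failed chflags removes the crontab that was just renamed into place, so the user ends up with no crontab at all; returning the error and leaving the renamed file (without the immutable bit) would be the safer outcome.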
does this work w/ `sysctl kern.securelevel' > 0 ?
# man init
1 Secure mode - the system immutable and system append-only flags may
^^^^^^^^^^^^^^^^^^^^ ^^^
not be turned off; disks for mounted filesystems, /dev/mem, and
^^^^^^^^^^^^^^^^^
/dev/kmem may not be opened for writing; kernel modules (see
kld(4)) may not be loaded or unloaded.
I guess no.
Cyrille.
--
Cyrille Lefevre mailto:cyrille.lefevre@laposte.net
