Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 5 Mar 1997 09:19:06 -0800
From:      RGireyev@BellInd.com
To:        <ben@narcissus.ml.org>
Cc:        <questions@freebsd.org>
Subject:   RE: Post installation stuff
Message-ID:  <c=US%a=_%p=BellInd%l=CDCEXCHANGE-970305171906Z-380@cdcexchange.bellind.com>

next in thread | raw e-mail | index | archive | help
>
>> >> [..]
>> 
>> Doohhh!
>> 
>> Sorry completely forgot to tell you. After getting your mail I went home
>> and did the following:
>> 1. Logged in as root.
>> 2. which su (gave me the path something like /sbin/su or whatever)
>> 3. the permissions looked as follows -r-sr-xr-x
>> 4. I type chmod 455 /sbin/su
>
>Not 455, 4555.  BIG difference.
>
>> 5. did ll, it then looked like: -r--r-xr-x
>> Still no go, not for a user in group wheel or group bin.
>> 
>> I guess I should note here that it looks like the program executes,
>> alright, and some snippet of code within it determines that I do not
>> have the security to perform su. So it kindly spits a message to me
>> telling me that "You do not have permission to perform su ...."
>> Thanks again

OK I went home last night and looked at the source code for su
(su.c from FreeBSD-stable). Let me ask you a couple of questions
about the code below. Also, this is getting close to beeing a hackers
mailing list issue, I think, so let me know if I need to repost this
there.

195: {
196:	/* only allow those in group zero to su to root. */
197:	if (pwd->pw_uid == 0 && (gr = getgrgid((gid_t)0)))
198:		for (g = gr->gr_mem;; ++g) {
199:			if (!*g)
200:				errx(1,
201:	    "you are not in the correct group to su %s.",
202:				    user);
203:			if (strcmp(username, *g) == 0) {
#ifdef WHEELSU
						iswheelsu = 1;
#endif /* WHEELSU */
204:				break;
205:			}
206:		}
207: }

Now, line 198 loads pointer g to the root group members, then line 203
compares username with the root group members. Line 203 seems to
make no sense. I guess I need someone who knows how su's algorithm
is supposed to work, let me know what was intended here. Thanks.

>Send me your /etc/group file, please, and the output of "ls -l `which
>su`".  Note that those are backquotes around the "which su", not
>regular
>single quotes. 

OK.
Unfortunately my PC is at home so the earliest I can do this is
tomorrow.

>> Rudy
>> >
>> > Ben
>> >
>> >"You have your mind on computers, it seems."
>> >
>> >
>> 
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c=US%a=_%p=BellInd%l=CDCEXCHANGE-970305171906Z-380>