Date: Fri, 29 Dec 1995 22:51:30 -0800 (PST) From: obrien@cs.ucdavis.edu (David E. O'Brien) To: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org (FreeBSD Hacker's list) Subject: termcap access as user uucp Message-ID: <9512300651.AA10608@toadflax.cs.ucdavis.edu>
next in thread | raw e-mail | index | archive | help
I'm doing a port of a terminal program to FreeBSD. The orignal author
installs it setuid root. I don't care for this. Following /usr/bin/cu's
lead, I make it setuid uucp. Problem is the program can't access the
termcap database as this user. Does it have something to do with uucp
not having a "normal" shell?
Security minded people: opinions on the best arraingment for security?
Others: What's wrong with Mr. UUCP?
Below is a minimal program to demonstrate this. Make it setuid root ==>
no problem. Make it non-setuid, owned by joe user ==> no problem. Make
it setuid uucp and you get:
No termcap present!
Test program
~~~~~~~~~~~~
#include <stdio.h>
#include <termcap.h>
main()
{
static char cbuf[2048];
char *term = "xterm";
switch(tgetent(cbuf, term )) {
case 0:
fprintf(stderr, "No termcap entry for %s\n", term);
return 1;
case -1:
fprintf(stderr, "No termcap present!\n");
return 1;
default:
printf( "\n%s\n", cbuf );
}
return 0;
}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9512300651.AA10608>