Date: Thu, 27 Mar 1997 08:16:57 +0100 From: Poul-Henning Kamp <phk@critter.dk.tfs.com> To: Peter Wemm <peter@spinner.dialix.com> Cc: Bill Fenner <fenner@parc.xerox.com>, ache@nagual.ru, imp@village.org, CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-lib@freefall.freebsd.org Subject: Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c Message-ID: <13762.859447017@critter> In-Reply-To: Your message of "Thu, 27 Mar 1997 11:12:08 %2B0800." <199703270312.LAA04087@spinner.DIALix.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199703270312.LAA04087@spinner.DIALix.COM>, Peter Wemm writes: >Poul-Henning Kamp wrote: >> In message <97Mar24.094840pst.177486@crevenia.parc.xerox.com>, Bill Fenner w >r > it >> es: >> >I think a lot would be solved by having a library function like >> >access() that also accepts a UID. Then the don't-let-people-access- >> >files-in-a-setuid-program-that-they-wouldn't-normally-have-access-to >> >problem, instead of being solved in N different setuid programs, >> >could be solved once. >> >> Well, access_as(2) alone will not do it, you would need a open_as(2), >> unlink_as(2), rename_as(2) and so on... > >Err, yeah. I knew that.. :-) Please ignore my previous simplistic reply >about access. :-). With setfsuid() etc in a setuid process, you'd do >this: > >setfsuid(getuid()); >fd = open(..) >setfsuid(geteuid()); > >And similar for daemons that are running as root but want to access files >as a user, eg: ftpd. It works for open, unlink, rename, link, chmod, etc >etc, the entire set of VFS syscalls. It sounds to me like adding [gs]etfs[ug]id(2) might be a worthwhile addtion to our arsenal of protections... -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. Power and ignorance is a disgusting cocktail.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13762.859447017>