Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
05-28-2007, 11:25 AM
|
#1
|
LQ Newbie
Registered: May 2007
Posts: 4
Rep:
|
execl() fails with EACCES after setuid() call
Hello there,
my name is Matteo and I'm writing from Italy.
Maybe this is a very trivial issue but I'm going crazy on it.
I have a simple application, say test, owned by myuid.mygid, of course different from root, where myuid=31 mygid=31.
Inside it I just do:
...
res = setgid(31);
if (res != 0)
printf("setgid() failed\n");
res = setuid(31);
if (res != 0)
printf("setuid() failed\n");
res = execl("/usr/sbin/myapp", (char*) NULL);
printf("execl() returned %d\n", res);
if (res != 0)
printf("execl() error: %s (%d)\n", strerror(errno), errno);
...
Please note that myapp is owned by 0.mygid and is readable/executable by mygid and the same for /usr and /usr/sbin.
But execl() fails with EACCES.
It seems that setuid() is the real cause, because if I comment only it the result is OK.
Can anyone please tell me what's wrong?
Many many thanks,
Matteo.
|
|
|
05-28-2007, 02:53 PM
|
#2
|
Member
Registered: Jun 2006
Location: Mariposa
Distribution: Slackware 9.1
Posts: 938
Rep:
|
This is strange. It should work.
I know you've already covered this, but as a sanity check, could you please copy and paste into a response on this site what you get as output to the following commands?
Code:
ls -lnad /usr/sbin
ls -ln /usr/sbin/myapp
|
|
|
05-29-2007, 03:56 AM
|
#3
|
LQ Newbie
Registered: May 2007
Posts: 4
Original Poster
Rep:
|
Hi,
first please excuse me for the duplicate post, of course it was not my intention but I couldn't remove the second one.
Then, doing a ls -lnad /usr/sbin I get
drwxr-x--- 2 0 31 4096 May 17 2007 /usr/sbin
and that should be OK, while ls -ln /usr/sbin/myapp gives
-rwxr-x--- 1 0 31 231477 May 17 2007 /usr/sbin/myapp
and that should be OK, too.
I can't really understand.
Thanks in advance,
Matteo.
|
|
|
05-30-2007, 08:36 PM
|
#4
|
Member
Registered: Jun 2006
Location: Mariposa
Distribution: Slackware 9.1
Posts: 938
Rep:
|
I'm thinking of various ways to explore this. But while I'm thinking, there's another piece of the puzzle that I need, please.
What user are you logged in as when you run test? User 31? User 0 (root)? Someone else? And what is the primary group number for that user?
By the way, "test" would be a bad name for this, because that word is used elsewhere in the shell and as a standard runnable program.
(Sorry for the slow response. I'm kinda overwhelmed with things to do at this end.)
|
|
|
All times are GMT -5. The time now is 12:41 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|