Aucbvax.4483 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Thu Oct 15 23:58:45 1981 Getting around mkdir on setuid programs >From MathStat.jmrubin@Berkeley Thu Oct 15 20:40:40 1981 This refers to a letter of mark@berkeley referring to the fact that when a setuid program forks mkdir, mkdir checks the real uid in figuring out permissions and ownership. One way to do it (and I am not sure this is all that good) is to run the program setuid root, and then, instead of forking mkdir, simply copy the appropriate part of the code for mkdir. (mknod, et. al.) root can then chown and chmod the directories as appropriate. If one is paranoid, one can setuid to a more restrictive user as soon as it is clear that a restricted system call won't be necessary. Alternatively, instead of running mkdir directly, you could fork a setuid root program in a directory only accessible to the euid of the original program which (1) setuid's to 0 (2) forks mkdir (3) chowns the directories if necessary. (if this last step isn't necessary, another fork probably isn't necessary) One of Mark's suggestions was to permit setuid(geteuid()) in the kernel. I don't think this would cause any a priori security breeches, but it might require more care in programming. Joel Rubin ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.